mirror of https://github.com/open-metadata/OpenMetadata.git synced 2025-07-22 17:01:41 +00:00

chore(docs): Update k8s snippet of Google SSO (#15286 )

* chore(docs): Update k8s snippet of Google SSO

* chore: Update code snippets for jwks config url

* chore(docs): Add a note on JWKS Url Reachability

2024-02-21 09:30:17 +01:00

1.1 KiB

Raw Blame History

title	slug
Custom OIDC SSO for Kubernetes	/deployment/security/custom-oidc/kubernetes

Custom OIDC SSO for Kubernetes

Check the Helm information here.

Once the Client Id is generated, see the snippet below for an example of where to place the client id value and update the authorizer configurations in the values.yaml.

global:
  authorizer:
    className: "org.openmetadata.service.security.DefaultAuthorizer"
    containerRequestFilter: "org.openmetadata.service.security.JwtFilter"
    initialAdmins:
      - "user1"
      - "user2"
    principalDomain: "open-metadata.org"
  authentication:
    provider: "custom-oidc"
    publicKeys:
    - "{your domain}/api/v1/config/jwks" # Update with your Domain and Make sure this "/api/v1/config/jwks" is always configured to enable JWT tokens
    - "http://localhost:8080/realms/myrealm/protocol/openid-connect/certs"
    authority: "http://localhost:8080/realms/myrealm"
    clientId: "{Client ID}"
    callbackUrl: "http://localhost:8585/callback"

{% partial file="/v1.3/deployment/configure-ingestion.md" /%}

1.1 KiB Raw Blame History

Custom OIDC SSO for Kubernetes

1.1 KiB

Raw Blame History