yujunjun/OpenMetadata
1
0
Fork 0
mirror of https://github.com/open-metadata/OpenMetadata.git synced 2025-07-13 20:18:24 +00:00
Code Issues Packages Projects Releases Wiki Activity
OpenMetadata/openmetadata-docs/content/v1.5.x-SNAPSHOT/deployment/security/keycloak/kubernetes.md
Imri Paran e2f845b2d1
docs: add 1.5.x-SNAPSHOT (#16694)
2024-06-18 15:53:06 +02:00

1.3 KiB
Raw Blame History

title slug
Keycloak SSO for Kubernetes /deployment/security/keycloak/kubernetes

Keycloak SSO for Kubernetes

Check the Helm information here.

Once the Client Id is generated, see the snippet below for an example of where to place the client id value and update the authorizer configurations in the values.yaml.

The configuration below already uses the presets shown in the example of keycloak configurations, you can change to yours.

openmetadata:
  config:
    authorizer:
      className: "org.openmetadata.service.security.DefaultAuthorizer"
      containerRequestFilter: "org.openmetadata.service.security.JwtFilter"
      initialAdmins:
        - "admin-user"
      principalDomain: "open-metadata.org"
    authentication:
      provider: "custom-oidc"
      publicKeys:
      - "{your domain}/api/v1/system/config/jwks" # Update with your Domain and Make sure this "/api/v1/system/config/jwks" is always configured to enable JWT tokens
      - "http://localhost:8081/auth/realms/data-sec/protocol/openid-connect/certs"
      authority: "http://localhost:8081/auth/realms/data-sec"
      clientId: "{Client ID}"
      callbackUrl: "http://localhost:8585/callback"

{% partial file="/v1.5/deployment/configure-ingestion.md" /%}