Version: next

SingleSignOn Config

note

-Working in progress

SingleSignOnConfig

NameTypeDescriptionRequired
issuerstringThe base path of dex and the external name of the OpenID Connect service.Domain or issuer can't be blank at the same time.
jwksUristringJWKS endpoint used to verify JWT tokens
domainstringkalm dex oidc provider domainDomain or issuer can't be blank at the same time.
useHttpboolDefault scheme is https, this flag is to change it to httpFalse
port*intport of kalm dex oidc providerFalse
showApproveScreenbool
alwaysShowLoginScreenbool
connectorsDexConnector []Dex connectors configConnectors and TemporaryUser can't be blank at the same time.
temporaryUser*TemporaryDexUserTemporary Dex user, mainly used for bootstrapping setup of Kalm.Connectors and TemporaryUser can't be blank at the same time.
externalEnvoyExtAuthz*ExtAuthzEndpointCreate service entry if the ext_authz service is running out of istio meshFalse
idTokenExpirySeconds*uint32expiry of idToken in secondsFalse

DexConnector

NameTypeDescriptionRequired
typestringtype of Connector, currently support: github and gitlabTrue
idstringid of dex connectorTrue
namestringname of dex connectorTrue
config*runtime.RawExtensionconfig for dex connectorTrue

TemporaryDexUser

NameTypeDescriptionRequired
usernamestringTrue
passowrdHashstringbcrypt hash of the passwordTrue
userIdstringTrue
emailstringTrue

ExtAuthzEndpoint

NameTypeDescriptionRequired
hoststringhost of endpointTrue
portintport of endpointTrue
schemestringhttp or httpsTrue
Last updated on by david