How to configure openid-connect with kubernetes

7/26/2017
  kubectl config set-credentials USER_NAME \
   --auth-provider=oidc \
   --auth-provider-arg=idp-issuer-url=( issuer url ) \
   --auth-provider-arg=client-id=( your client id ) \
   --auth-provider-arg=client-secret=( your client secret ) \
   --auth-provider-arg=refresh-token=( your refresh token ) \
   --auth-provider-arg=idp-certificate-authority=( path to your ca certificate ) \
   --auth-provider-arg=id-token=( your id_token ) \
   --auth-provider-arg=extra-scopes=( comma separated list of scopes to add to "openid email profile", optional )

Is this sufficient to configure openid-connect with kubernetes? Can someone tell me what the values are for

1. issuer url
2. refresh token
3. path to ca certificate
4. extra-scopes
5. id-token

Also, just to confirm, I would like to know if the client secret and client ID are the same as the Google credentials created.

-- NSP
kubernetes
openid-connect

1 Answer

8/11/2017

Install the k8s-oidc-helper tool. Pass the Google credential (JSON file) to it. This will then open the browser to provide a secret code. Copy and paste it to get the required OIDC parameters.

-- NSP
Source: StackOverflow
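
Added example, not part of the original question or answer and not code from k8s-oidc-helper: a check that the id_token obtained for kubectl carries the issuer and client ID you are about to pass as idp-issuer-url and client-id, and has not expired. The function names, the sample client ID and the sample token are constructed for illustration; the token is unsigned and the signature is not verified here.

```python
import base64
import json
import time


def b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def decode_claims(id_token: str) -> dict:
    """Return the payload claims of a JWT. Does NOT verify the signature."""
    parts = id_token.split(".")
    if len(parts) != 3:
        raise ValueError("an id_token is three dot-separated base64url segments")
    return json.loads(b64url_decode(parts[1]))


def check_for_kubectl(id_token: str, issuer_url: str, client_id: str, now=None) -> list:
    """Compare token claims with the values intended for idp-issuer-url and client-id."""
    claims = decode_claims(id_token)
    now = time.time() if now is None else now
    problems = []
    if claims.get("iss") != issuer_url:  # must match exactly, trailing slash included
        problems.append(f"iss {claims.get('iss')!r} != idp-issuer-url {issuer_url!r}")
    aud = claims.get("aud")
    audiences = aud if isinstance(aud, list) else [aud]
    if client_id not in audiences:
        problems.append(f"client-id {client_id!r} not in aud {audiences!r}")
    if claims.get("exp", 0) <= now:
        problems.append("id_token is expired; kubectl will need the refresh-token")
    return problems


def _b64url(obj) -> str:
    return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()


def make_sample_token(claims: dict) -> str:
    # Constructed, unsigned sample token so the example runs offline.
    header = _b64url({"alg": "RS256", "typ": "JWT"})
    return ".".join([header, _b64url(claims), "c2lnbmF0dXJl"])


SAMPLE_CLIENT_ID = "example-client-id.apps.googleusercontent.com"  # constructed placeholder
SAMPLE_TOKEN = make_sample_token({"iss": "https://accounts.google.com",
                                  "aud": SAMPLE_CLIENT_ID, "exp": 2_000_000_000})

if __name__ == "__main__":
    print(check_for_kubectl(SAMPLE_TOKEN, "https://accounts.google.com", SAMPLE_CLIENT_ID))
```

An empty list means the three values agree; each string in a non-empty list names the setting that will not match the token.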