Uploaded image for project: 'OpenShift Console'
  1. OpenShift Console
  2. CONSOLE-4973

OCP 4.22 - Console Integration for Multiple OIDC Identity Provider Support (BYO OIDC)

XMLWordPrintable

    • Icon: Epic Epic
    • Resolution: Unresolved
    • Icon: Critical Critical
    • None
    • None
    • None
    • Support the integration of multiple OIDC IDP within the console UI
    • To Do
    • None
    • 100% To Do, 0% In Progress, 0% Done
    • False
    • Hide

      None

      Show
      None
    • False
    • Not Selected
    • None
    • None
    • None

      Problem Statement

      The OpenShift Console currently supports only a singular OAuth2 client configuration and relies on the integrated OAuth server for all authentication logic, including Identity Provider (IdP) selection. With the introduction of support for multiple BYO OIDC providers, the Console UI and underlying operator configuration must evolve. Customers who configure multiple IdPs will have no way to select their desired provider through the Console, leading to a broken authentication experience for end-users relying on the web UI.

      Background

      The Control Plane Auth team is introducing API changes to allow for multiple BYO OIDC configurations in OpenShift 4.21. The majority of the required effort to enable a complete, end-user workflow involves updating the Console and Console-Operator to appropriately handle and present multiple client configurations and authentication flows. This work is necessary to enable a holistic, GA-ready feature, as most end-users authenticate via the Console.

      Goals for the Work

      TBD

       

      Definition of Done

      TBD

              Unassigned Unassigned
              jhadvig@redhat.com Jakub Hadvig
              None
              None
              None
              None
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated: