Uploaded image for project: 'Red Hat Internal Developer Platform'
  1. Red Hat Internal Developer Platform
  2. RHIDP-3516

[Docs] Auth providers: Standardize RHDH auth providers in docs

XMLWordPrintable

    • Icon: Task Task
    • Resolution: Done
    • Icon: Blocker Blocker
    • 1.3.1
    • 1.3.0
    • Documentation
    • RHDH Docs Team 3261, RHDH Documentation 3263

      Feature Overview (aka. Goal Summary)

      Enhance and standardize authentication providers in RHDH to enterprise-ready level, focusing on GitHub and OIDC

      We have auth providers of different qualities in RHDH. We want support each on an enterprise ready level. We start with GitHub and OIDC.
      GitHub is widely used for demo purposes and is good for smaller teams that already work with GitHub.
      OIDC is enterprise ready and can be used in larger settings.
      Our current OIDC implementation requires a user entity to be present in the catalog.
      This can be achieved by e.g. using the keycloak plugin to populate the user entity, or using custom scripts.
      The main goal is to properly document and test GitHub and OIDC with keycloak and PingFederate as OIDC providers.

      We also want to remove the SignInWithCatalogUserOptional default setting, which would allow users to be logged in, without a user entity present in the catalog.

      Goals (aka. expected user outcomes)

      • Improved authentication experience for users across different provider types
      • Simplified setup and configuration for administrators
      • Enhanced flexibility in user entity management
      • Better documentation and testing for GitHub and OIDC (Keycloak and PingFederate) providers

      Requirements (aka. Acceptance Criteria):

      • convert SignInWithCatalogUserOptional to an optional setting, defaulting to off
      • Document step-by-step setup process for GitHub auth provider
      • Document step-by-step setup process for OIDC
      • test suite for GitHub auth provider
      • test suite for OIDC with Keycloak
      • test suite for OIDC with PingIdentity
      • Update existing documentation to reflect new features and best practices
      • Ensure backward compatibility with existing auth provider configurations

      Out of Scope (Optional)

      • Implementation of additional auth providers beyond GitHub and OIDC
      • Advanced customization options for auth providers
      • Migration tools for existing non-standard auth configurations

      Customer Considerations (Optional)

      Documentation Considerations

      • Update documentation sections for GitHub and OIDC (Keycloak and PingFederate) setup
      • Update existing OIDC documentation to include information on mappingMethod
      • Remove documentation for other auth providers

              ffloreth@redhat.com Fabrice Flore-Thébault
              hmanwani@redhat.com Heena Manwani
              RHDH Documentation
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: