Configure Mission Control to use OpenID Connect (OIDC) for authentication
Mission Control can use the OpenID Connect (OIDC) or LDAP protocols for authentication. This topic describes configuring the OpenID Connect setup. See Configure Mission Control to use LDAP for the other supported authentication protocol.
Prerequisites
-
An instance of Mission Control, installed through either your own Kubernetes cluster or the runtime installer. See planning for your installation.
-
A downloaded Mission Control license file.
Mission Control requires a license file to provide Kubernetes Off-The-Shelf (KOTS) or Helm with required information out installation. Information includes customer identifiers, software update channels, and entitlements.
Are you exploring Mission Control as a solution for your organization? Fill out this registration form to request a community edition license.
If you need a replacement license file or a non-community edition, or want to convert your Public Preview license to use a stable channel release version, contact your account team.
-
A prepared environment on either bare-metal/VM or an existing Kubernetes cluster.
-
Reference the OIDC configuration, connector fields and values information.
Configure Mission Control to use OpenID Connect (OIDC) for authentication
-
Port-forward to the admin console:
kubectl kots admin-console -
Navigate to http://127.0.0.1:8800 (password admin) and edit the Mission Control configuration to enable the OIDC connector. Fill in the
authenticationandconnectorsections by providing your environment’s OIDC information. -
Deploy the new configuration.
Test the connection
-
Navigate to the Mission Control User Interface (UI) and try to connect with OIDC.
-
You can also remove the admin user in the Mission Control configuration, and the
connect with emailoption should no longer be available.
