Configure Mission Control to use OpenID Connect (OIDC) for authentication

Mission Control can use the OpenID Connect (OIDC) or Lightweight Directory Access Protocol (LDAP) protocols for authentication. This topic explains how to configure the OIDC setup. See Configure Mission Control to use LDAP for the other supported authentication protocol.

Prerequisites

  • An instance of Mission Control, installed through either your own Kubernetes cluster or the runtime installer. See planning for your installation.

  • A downloaded Mission Control license file.

    Mission Control requires a license file to provide Kubernetes Off-The-Shelf (KOTS) or Helm with required information for installation. Information includes customer identifiers, software update channels, and entitlements.

    Are you exploring Mission Control as a solution for your organization? Fill out this registration form to request a community edition license.

    If you need a replacement license file or a non-community edition, or want to convert your Public Preview license to use a stable channel release version, contact your account team.

Configure Mission Control to use OIDC for authentication

To configure Mission Control to use OIDC for authentication, follow the steps for your installation type.

  • KOTS installation

  • Helm installation

  1. Port-forward to the admin console:

    kubectl kots admin-console
  2. Navigate to http://127.0.0.1:8800 (password: admin) to edit the Mission Control configuration and enable the OIDC connector.

  3. Complete the Authentication and Connector sections by providing your environment’s OIDC settings.

    See the Dex OIDC connector documentation for available fields and their descriptions.

  4. Deploy the new configuration.

  5. Navigate to the Mission Control UI, and then click Sign in with OpenID Connect to test the connection.

  6. Optional: Remove the admin user in the Mission Control configuration to remove the Sign in with Email option.

  1. Configure the OIDC connector in your values.yaml file under the dex section:

    dex:
      config:
        connectors:
          - type: oidc
            id: oidc
            name: OpenID Connect
            config:
              # Add your OIDC configuration here

    See the Dex OIDC connector documentation for available fields and their descriptions.

  2. Apply the updated configuration:

    helm upgrade mission-control ./mission-control -f values.yaml
  3. Navigate to the Mission Control UI, and then click Sign in with OpenID Connect to test the connection.

  4. Optional: Remove the admin user in the Mission Control configuration to remove the Sign in with Email option.

Was this helpful?

Give Feedback

How can we improve the documentation?

© 2025 DataStax | Privacy policy | Terms of use | Manage Privacy Choices

Apache, Apache Cassandra, Cassandra, Apache Tomcat, Tomcat, Apache Lucene, Apache Solr, Apache Hadoop, Hadoop, Apache Pulsar, Pulsar, Apache Spark, Spark, Apache TinkerPop, TinkerPop, Apache Kafka and Kafka are either registered trademarks or trademarks of the Apache Software Foundation or its subsidiaries in Canada, the United States and/or other countries. Kubernetes is the registered trademark of the Linux Foundation.

General Inquiries: +1 (650) 389-6000, info@datastax.com