I think we know the security benefits and the development benefits of using a delegated authentication protocol like OpenIDC or SAML. However, actually doing the integration in the application can be difficult at times. There is a lack of documentation and guidance on the best modules or packages to use for the various frameworks. In […]
Category: IAM
Good day, in this post I will show you how to use Keycloak (Open source Redhat SSO) as the identity provider for AWX. I am basing this tutorial on the post on red hat SSO integration on ansible.com and from the AWX docs on SAML authentication Prerequisites You need the following set up: AWX instance […]
In any organisation of a large size managing access to servers and cloud resources is difficult. There is often a tradeoff between convenience and security. Changing these settings is also a bit scary in production as you can be locked out of your servers… One solution mentioned by facebook engineering and smallstep is to make […]
The documentation for setting up an OpenIDC identity provider / authentication method for Harbor Registry can be found in the harbor docs. Harbor has supported OIDC since version 1.8. Importantly: You can change the authentication mode from database to OIDC only if no local users have been added to the database. If there is at […]
First thing to do is get familiar with keycloak. once you are happy it might be useful take a look at the keycloak quickstarts. They seem to have all the examples and samples on getting going with keycloak. In particular you want to look at the keycloak kubernetes examples For posterity I will show the […]