Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Confusing about the OIDC #23113

Closed
huonguyenlt opened this issue Aug 23, 2024 · 3 comments
Closed

Confusing about the OIDC #23113

huonguyenlt opened this issue Aug 23, 2024 · 3 comments
Labels
area/install Issues related to installation, including offline/air gap and initial setup kind/question Questions that haven't been identified as being feature requests or bugs. team/A This team is responsible for the Che Operator and all its operands as well as chectl and Hosted Che

Comments

@huonguyenlt
Copy link

Summary

I am setting up keycloak as OIDC provider. As I understand, I have to integrate OIDC with both the kubernetes cluster and the che cluster. There are some questions need your help to explain.

  1. I dont understand why we have to integrate keycloak oidc with the kubernetes cluster.
  2. Do I have to create 2 keycloak clients, one for authen to kubernetes, and one for authen to che cluster?
  3. In the example installing che on Azure, the document only creates a client application in microsoft entra id, then adding it to the checluster. It does not mention add the oidc to kubernetes. Is the step missing or we dont need to integrate oidc provider with kubernetes

Relevant information

No response
@huonguyenlt huonguyenlt added the kind/question Questions that haven't been identified as being feature requests or bugs. label Aug 23, 2024
@che-bot che-bot added the status/need-triage An issue that needs to be prioritized by the curator responsible for the triage. See https://github. label Aug 23, 2024
@akurinnoy akurinnoy added team/A This team is responsible for the Che Operator and all its operands as well as chectl and Hosted Che and removed status/need-triage An issue that needs to be prioritized by the curator responsible for the triage. See https://github. labels Aug 26, 2024
@akurinnoy
Copy link
Contributor

@tolusha could you please have a look?

@tolusha tolusha added the area/install Issues related to installation, including offline/air gap and initial setup label Aug 26, 2024
@tolusha
Copy link
Contributor

tolusha commented Aug 26, 2024
edited
Loading

Hello, @huonguyenlt

You need the only one client.
In the example [1] we use keycloak as OIDC provider, and here [2] we use dex as OIDC provider.
Maybe it can help shed light on your problem.

[1] https://eclipse.dev/che/docs/stable/administration-guide/installing-che-on-minikube-keycloak-oidc/
[2] https://eclipse.dev/che/docs/stable/administration-guide/installing-che-on-minikube/

@huonguyenlt
Copy link
Author

@tolusha thanks for the response
I open a new ticket with more details about my issue, could you please help take a look?
#23116

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/install Issues related to installation, including offline/air gap and initial setup kind/question Questions that haven't been identified as being feature requests or bugs. team/A This team is responsible for the Che Operator and all its operands as well as chectl and Hosted Che
Projects
Eclipse Che Team A Backlog
Status: No status
Milestone
No milestone
Development

No branches or pull requests
4 participants
@tolusha @akurinnoy @che-bot @huonguyenlt