-
Notifications
You must be signed in to change notification settings - Fork 80
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add proposal for identity aware proxy authentication mode #233
base: main
Are you sure you want to change the base?
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
makes sense to me, IMO, there are many companies out there that are doing it.
I think what would help the proposal to get approval is:
- Highlight use cases where OIDC isn't possible
- Highlight use cases and integration options that would become possible with that. (the k8s one is good step, but I am sure there are more)
@shengjiang3 can you fix DCO please |
Adds a proposal for identity aware proxy authentication mode in Harbor. Signed-off-by: Sheng Jiang <[email protected]>
Adds a proposal for identity aware proxy authentication mode in Harbor. Signed-off-by: Sheng Jiang <[email protected]>
- Added a section for where OIDC is not possible. - Added a section for integration and use case. Signed-off-by: Sheng Jiang <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Could you please add more detail for the implementation? such as the configuration item and give some brief introductions to the key change to implement it?
Add a proposal for the Identity Aware proxy authentication mode. The identity aware proxy authentication mode is intended for Harbor to verify and use the identity token from an upstream identity proxy for the user identity.