Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add proposal for identity aware proxy authentication mode #233

Open
wants to merge 3 commits into
base: main
Choose a base branch
from

Conversation

shengjiang3
Copy link

Add a proposal for the Identity Aware proxy authentication mode. The identity aware proxy authentication mode is intended for Harbor to verify and use the identity token from an upstream identity proxy for the user identity.

Copy link
Member

@Vad1mo Vad1mo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

makes sense to me, IMO, there are many companies out there that are doing it.

I think what would help the proposal to get approval is:

  • Highlight use cases where OIDC isn't possible
  • Highlight use cases and integration options that would become possible with that. (the k8s one is good step, but I am sure there are more)

@OrlinVasilev
Copy link
Member

@shengjiang3 can you fix DCO please

Adds a proposal for identity aware proxy authentication mode in Harbor.

Signed-off-by: Sheng Jiang <[email protected]>
Adds a proposal for identity aware proxy authentication mode in Harbor.

Signed-off-by: Sheng Jiang <[email protected]>
- Added a section for where OIDC is not possible.
- Added a section for integration and use case.

Signed-off-by: Sheng Jiang <[email protected]>
@wy65701436 wy65701436 added the area/auth Any thing related with auth label Nov 7, 2023
Copy link
Contributor

@stonezdj stonezdj left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could you please add more detail for the implementation? such as the configuration item and give some brief introductions to the key change to implement it?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
area/auth Any thing related with auth
Projects
None yet
Development

Successfully merging this pull request may close these issues.

7 participants