Skip to content

Commit

Permalink
Update examples/kustomization/operator-external-idp-oid/README.md
Browse files Browse the repository at this point in the history 
Co-authored-by: Ravind Kumar <ravindk89@gmail.com>
  • Loading branch information
@pjuarezd @ravindk89
pjuarezd and ravindk89 committed Jan 29, 2024
1 parent 22c9fab commit 7656315
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions examples/kustomization/operator-external-idp-oid/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -64,6 +64,12 @@ Operator Console is a standalone application that identifies itself to the OpenI
- `CONSOLE_IDP_CLIENT_ID` (client id)
- `CONSOLE_IDP_SECRET` (client secret)

### Access Management

All users in the OIDC realm have access to the Operator Console upon successful authentication.

To restrict access, create a new OIDC realm and use the client ID/Secret for that realm when configuring OIDC.

### Scopes:

In OAuth2, scopes defines the specific actions that an application (client) is allowed to perform. If the `Client` has assigned scopes to the OpenID server to allow login in Operator Console, such scopes need to be set to Operator Console in the `CONSOLE_IDP_SCOPES` environment variable. This value should be a comma delimited string. If no value is provided, the default is `openid,profile,email`.
Expand Down

0 comments on commit 7656315

Please sign in to comment.