Example Kubernetes Authentication helper. Performs OIDC login and configures Kubectl appropriately.
Clone or download
Latest commit 95073ff Feb 27, 2018
Type Name Latest commit message Commit time
Failed to load latest commit information.
.gitignore Add initial example app Feb 27, 2018
CONTRIBUTING.md Add initial example app Feb 27, 2018
Gopkg.lock Add initial example app Feb 27, 2018
Gopkg.toml Add initial example app Feb 27, 2018
LICENSE Add license Feb 27, 2018
README.md Add initial example app Feb 27, 2018
main.go Add initial example app Feb 27, 2018
templates.go Add initial example app Feb 27, 2018


Kubernetes Authentication Example

This code is provided verbatim as an example of how to connect to an OIDC provider and authenticate users before configuring their kubeconfig.

At Pusher, we distribute a copy of this app to our engineers which sources all required information from Vault and configures their cluster contexts as well.

You may also wish to build your own version of this app, sourcing it's configuration automatically, to improve your user-experience.


This project started life as the Dex example app.


You will need to configure an OIDC application with your Identity Provider.

The redirect URI should be and you will need to make a note of the issuer URL and the client secret that you set/are given.

We use Dex so I've included an example Dex config snippet below:

- id: kubernetes
  - ''
  name: 'Kubernetes API'
  secret: c3VwZXJzZWNyZXRzdHJpbmcK

With this configuration, and a Dex instance running at https://auth.exmaple.com/dex, the following command will initiate the login flow:

./k8s-auth-example --client-secret c3VwZXJzZWNyZXRzdHJpbmcK --client-id kubernetes --issuer https://auth.exmaple.com/dex


The application is written in Go using dep as the package manager. The following will get you your first build:

go get git@github.com/pusher/k8s-auth-example
cd $GOPATH/src/github.com/pusher/k8s-auth-example
dep ensure
go build -o k8s-auth


  • Found a bug? Please open an issue.
  • Have a feature request. Please open an issue.
  • If you want to contribute, please submit a pull request


Please see our Contributing guidelines.


This project is licensed under Apache 2.0 and a copy of the license is available here.