From db26acc1cf4701a8a262a1e372ae2dea25008d70 Mon Sep 17 00:00:00 2001 From: Julian Einhaus Date: Wed, 3 Apr 2024 11:18:18 +0200 Subject: [PATCH] docs(flyte-core): add missing key `adminServer` in authentication guide --- docs/deployment/configuration/auth_setup.rst | 63 ++++++++++---------- 1 file changed, 32 insertions(+), 31 deletions(-) diff --git a/docs/deployment/configuration/auth_setup.rst b/docs/deployment/configuration/auth_setup.rst index 1131c30e98c..af47b6063e1 100644 --- a/docs/deployment/configuration/auth_setup.rst +++ b/docs/deployment/configuration/auth_setup.rst @@ -558,42 +558,43 @@ Follow the steps in this section to configure `flyteadmin` to use an external au .. code-block:: yaml configmap: - auth: - appAuth: + adminServer: + auth: + appAuth: - authServerType: External + authServerType: External - # 2. Optional: Set external auth server baseUrl if different from OpenId baseUrl. - externalAuthServer: - # baseUrl: https:///auth/realms/ # Uncomment for Keycloak and update with your installation host and realm name - # baseUrl: https://login.microsoftonline.com//oauth2/v2.0/authorize # Uncomment for Azure AD - # For Okta, use the Issuer URI of the custom auth server: - baseUrl: https://dev-.okta.com/oauth2/ + # 2. Optional: Set external auth server baseUrl if different from OpenId baseUrl. + externalAuthServer: + # baseUrl: https:///auth/realms/ # Uncomment for Keycloak and update with your installation host and realm name + # baseUrl: https://login.microsoftonline.com//oauth2/v2.0/authorize # Uncomment for Azure AD + # For Okta, use the Issuer URI of the custom auth server: + baseUrl: https://dev-.okta.com/oauth2/ - metadataUrl: .well-known/openid-configuration + metadataUrl: .well-known/openid-configuration - thirdPartyConfig: - flyteClient: - # 3. Replace with a new Native/Public Client ID provisioned in the custom authorization server. - clientId: flytectl - # This should not change - redirectUri: http://localhost:53593/callback - # 4. "all" is a required scope and must be configured in the custom authorization server. - scopes: - - offline - - all + thirdPartyConfig: + flyteClient: + # 3. Replace with a new Native/Public Client ID provisioned in the custom authorization server. + clientId: flytectl + # This should not change + redirectUri: http://localhost:53593/callback + # 4. "all" is a required scope and must be configured in the custom authorization server. + scopes: + - offline + - all - userAuth: - openId: - # baseUrl: https:///auth/realms/ # Uncomment for Keycloak and update with your installation host and realm name - # baseUrl: https://login.microsoftonline.com//oauth2/v2.0/authorize # Uncomment for Azure AD - # For Okta, use the Issuer URI of the custom auth server: - baseUrl: https://dev-.okta.com/oauth2/ - scopes: - - profile - - openid - # - offline_access # Uncomment if OIdC supports issuing refresh tokens. - clientId: + userAuth: + openId: + # baseUrl: https:///auth/realms/ # Uncomment for Keycloak and update with your installation host and realm name + # baseUrl: https://login.microsoftonline.com//oauth2/v2.0/authorize # Uncomment for Azure AD + # For Okta, use the Issuer URI of the custom auth server: + baseUrl: https://dev-.okta.com/oauth2/ + scopes: + - profile + - openid + # - offline_access # Uncomment if OIdC supports issuing refresh tokens. + clientId: secrets: