Identity Providers

Grant access to users in your organization

DKP supports GitHub, LDAP, SAML and standard OIDC identity providers such as Google. These identity management providers support the login and authentication process for DKP and your Kubernetes clusters. You can configure as many identity providers as you want, and users can select from any method when logging in.

Benefits of Using an External Identity Provider

Using an external identity provider is beneficial for many reasons:

• Centralized management of multiple users, to multiple clusters

• Centralized management of password rotation, expiration, etc.

• Support of 2-factor-authentication methods for increased security

• Separate storage of user credentials

Prerequisites

To get started with DKP, you must:

• Log in to the UI

Limit Access

• The GitHub provider allows you to specify any of the organizations and teams are eligible for access.

• The LDAP provider allows you to configure search filters for either users or groups.

• The OIDC provider cannot limit users based on identity.

• The SAML provider allows users to log in using a single sign-on (SSO) profile.

Configure an Identity Provider via the UI

1. From the drop down, select the Global workspace.

2. Select Administration > Identity Providers.

3. Select the Identity Providers tab.

4. Select + Add Identity Provider.

5. Select an identity provider and complete the form field with the relevant details.

6. Select Save to create your Identity Provider.

Temporarily Disabling a Provider

Select the three dot button on the Identity Providers table and select Disable from the drop-down menu. The provider option no longer appears on the login screen.

Groups

Access control groups are configured in the Groups tab of the Identity Providers page. See Access Control for an overview of groups in DKP.