Skip to main content
Skip table of contents

Identity Providers

Grant access to users in your organization.

DKP supports GitHub, LDAP, SAML and standard OIDC identity providers such as Google. These identity management providers support the login and authentication process for DKP and your Kubernetes clusters.

You can configure as many identity providers as you want, and users can select from any method when logging in. If you have multiple workspaces in your environment, you can use a single identity provider to manage access to all of them, or choose to configure an identity provider per workspace.

Configuring a dedicated identity provider per workspace can be useful if you want to keep access to your workspaces separate. In this case, users of a specific workspace will have a dedicated login page with the identity provider options configured for their workspace. This setup is particularly helpful if you have multiple tenants.

Benefits of Using an External Identity Provider

Using an external identity provider is beneficial for many reasons:

  • Centralized management of multiple users, to multiple clusters

  • Centralized management of password rotation, expiration, etc.

  • Support of 2-factor-authentication methods for increased security

  • Separate storage of user credentials

Prerequisites

To get started with DKP, you must:

Limit Access

  • The GitHub provider allows you to specify any of the organizations and teams are eligible for access.

  • The LDAP provider allows you to configure search filters for either users or groups.

  • The OIDC provider cannot limit users based on identity.

  • The SAML provider allows users to log in using a single sign-on (SSO) profile.

Configure an Identity Provider via the UI

  1. From the drop-down menu, select the Global workspace.

  2. Select Administration > Identity Providers.

  3. Select the Identity Providers tab.

  4. Select + Add Identity Provider.

  5. Select an identity provider.

  6. Select the target workspace for the identity provider and complete the form field with the relevant details.

You can configure an identity provider globally, for your entire organization (All Workspaces option), or per workspace, enabling multi-tenancy. See How do I enable multi-tenancy? for more information.

  1. Select Save to create your Identity Provider.

Temporarily Disabling a Provider

Select the three-dot button on the Identity Providers table and select Disable from the drop-down menu. The provider option no longer appears on the login screen.

Groups

These pages refer to DKP Enterprise and DKP Gov Advanced products.

Access control groups are configured in the Groups tab of the Identity Providers page. See Access Control for an overview of groups in DKP.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close