Configuring PKS as an OIDC Provider

Page last updated:

The authentication and authorization processes for Build Service use a combination of RBAC rules and third-party authentication, including OpenID Connect (OIDC). You may configure UAA as an OIDC provider for your PKS deployment to provide authentication for Build Service.

To configure UAA as an OIDC provider for your PKS deployment:

  1. Navigate to the OpsManager Installation Dashboard.

  2. Click the PKS tile.

  3. Select UAA.

  4. Under Configure created clusters to use UAA as the OIDC provider, select Enable.

  5. Ensure the values in the UAA OIDC Groups Prefix and UAA OIDC Username Prefix fields are the same and record them. Eg. "oidc:". You will need these values during the installation of Build Service.

    Note: Ensure you add a : at the end of the desired prefix.

  6. Click Save.

  7. In the OpsManager Installation Dashboard, click Review Pending Changes, then Apply Changes.