forked from rancher/rancher-docs
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add JWT Authentication page for v2.9 feature rancher#1373
- Loading branch information
1 parent
2d6ede4
commit d3a8967
Showing
2 changed files
with
23 additions
and
1 deletion.
There are no files selected for viewing
22 changes: 22 additions & 0 deletions
22
...uides/authentication-permissions-and-global-configuration/jwt-authentication.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| --- | ||
| title: JWT Authenticaiton | ||
| --- | ||
| <!-- Edit Canonical Link --> | ||
| <head> | ||
| <link rel="canonical" href="https://ranchermanager.docs.rancher.com/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/jwt-authentication"/> | ||
| </head> | ||
|
|
||
| Many 3rd party integrations available for Kubernetes, such as Gitlab and Hashicorp Vault, involve giving an external process access to the Kubernetes API using a native Kubernetes Service Account token for authentication. | ||
|
|
||
| In Rancher v2.9.0 and later, you can enable a downstream cluster to support JWT authentication of tokens created for a service account on a downstream cluster through the Rancher authentication proxy. Prior to this feature, Rancher rejects such requests because Rancher only supports Rancher-issued tokens. | ||
|
|
||
| :::note | ||
| JWT authentication is also known as service account token authentication. | ||
| ::: | ||
|
|
||
| To enable this feature, follow these steps: | ||
|
|
||
| 1. In the upper left corner, click **☰ > Cluster Management**. | ||
| 1. Click **Advanced** to open the dropdown menu. | ||
| 1. Select **JWT Authentication**. | ||
| 1. Click the checkbox for the cluster you want to enable JWT authentication for, and click **Enable**. Alternatively, you can click **⋮** > **Enable**. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters