DE 

//Cloudogu EcoSystem Docs

Example configuration for delegated authentication with OIDC

This is an example configuration for delegated authentication in CAS via OIDC. These values can be entered directly in the cas-config-ConfigMap in CES-MN. For Classic-CES, they must be entered accordingly in the ETCD.

oidc:
  enabled: "true"
  discovery_uri: "http://192.168.56.1:8080/auth/realms/Cloudogu/.well-known/openid-configuration"
  client_id: "cesCasClient"
  client_secret: "MySecretSecret"
  #redirect_uri: "https://platform.cloudogu.com/de/"                                                                                                                                                             
  display_name: "Cloudogu-Platform"
  optional: "true"
  scopes: "openid email profile GroupScope"
  principal_attribute: "preferred_username"
  attribute_mapping: "email:mail,family_name:surname,given_name:givenName,preferred_username:username,name:displayName,groups:externalGroups"
  allowed_groups: "Gruppe2, Gruppe3"
  initial_admin_usernames: "user1, testAdmin"                 

Attention: In production mode, the config value for client_secret should be entered in the Kubernetes-Secret of the CAS-Config.