Skip to end of banner Go to start of banner

Configure Google OAuth2 Authentication

Skip to end of metadata

Created by Ashish Hanwadikar, last modified by Abhishek Chaturvedi on Jun 05, 2023

Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

To enable Google OAuth2, you need to register a new application with Google.

If upgrading Kloudfuse release 1.3.4 and earlier, please make sure to follow post upgrade steps after finishing upgrade.

Create Google OAuth2 Keys

Go to the Credentials page.
Click Create credentials > OAuth client ID.
Select the Web application application type.
Enter Name (e.g. Kloudfuse)
Enter URL of the kloudfuse installation in the Authorized JavaScript Origins. Example: kloudfuse.yourcompany.com
Click Create
Copy the Client ID and Client Secret from the ‘OAuth Client’ modal. It is required for further steps.

Enable Google Auth in Kloudfuse

Option 1. Using Client ID & Secret

In your custom values.yaml, add google client ID and secret:

 kfuse-auth:
   oauth2-proxy:
     config:
       clientID: "REPLACE_CLIENT_ID"
       clientSecret: "REPLACE_CLIENT_SECRET"

Option 2. Using a Kubernetes secrets.

Create 2 kubernetes secrets.
- Create secret called kfuse-auth-users as mentioned here.
- Create secret called kfuse-auth. Use these steps to generate cookie secret.

apiVersion: v1
data:
  client-id: <base 64 encoded google client id>
  client-secret: <base 64 encoded google client secret>
  cookie-secret: <base 64 encoded random value>
kind: Secret
metadata:
   name: kfuse-auth
type: Opaque

and refer it from your custom values.yaml by adding the following

kfuse-auth:
  oauth2-proxy:
    config:
      existingSecret: "kfuse-google-auth"
    htpasswdFile:
      existingSecret: "kfuse-auth-users"

No labels