Updated
27 days
ago.
No love.
1 follower.
Has no hacker:
grab it!
Description
Currently Rancher maintains a refresh token to synchronise user data between an upstream OIDC provider and the user.
This token expires (and can be invalidated) and this leads to lots of logged errors indicating that the data couldn't be updated because the refresh token is not valid.
This proposes a declarative controller approach, which would use a set of read-only credentials to synchronise user data.
Goals
- Declaration-based synchronization
- Take ownership of Rancher v3 Users and ensure the data is up-to-date for them by talking to upstream service APIs (LDAP, Keycloak etc).
Future enhancements might involve synchronisation of users into groups too.
Resources
No Hackers yet
Looking for hackers with the skills:
Nothing? Add some keywords!
This project is part of:
Hack Week 24
Comments
Be the first to comment!
Similar Projects
This project is one of its kind!