Description

Explore the possibility of implementing a SCIM service provider in Rancher so that user identity information can be synced automatically with the identity provider (Okta, Microsoft Entra ID).

Goals

Create a POC integrating Rancher with an IdP SCIM client (e.g. Okta).

Resources

RFC 7644: System for Cross-domain Identity Management: Protocol

Results

A draft PR with an experimental implementation can be found here.

Tested Group and User provisioning with Okta.

Making it compliant with Microsoft Entra ID requires:

  • allowing the user's principal ID to change (the name of the user object is currently derived from the principal ID, which is a problem)
  • allowing the group principal ID to change (requires touching/updating the RBAC objects that reference the group principal ID)

This project is part of:

Hack Week 25

Activity

  • about 1 month ago: pgonin liked this project.
  • about 1 month ago: pmatseykanets liked this project.
  • about 1 month ago: pmatseykanets started this project.
  • about 1 month ago: pmatseykanets originated this project.
