OAuth configuration
The Oauth configuration section allows a user to specify the desired Oauth configuration for the internal Openshift Oauth server. Guest cluster kube admin password will be exposed only when user has not explicitly specified the OAuth configuration. An example configuration for an openID identity provider is shown below:
apiVersion: hypershift.openshift.io/v1alpha1
kind: HostedCluster
metadata:
name: example
namespace: master
spec:
configuration:
items:
- apiVersion: config.openshift.io/v1
kind: OAuth
metadata:
name: "example"
spec:
identityProviders:
- openID:
claims:
email:
- email
name:
- name
preferredUsername:
- preferred_username
clientID: clientid1
clientSecret:
name: clientid1-secret-name
issuer: https://example.com/identity
mappingMethod: lookup
name: IAM
type: OpenID
secretRefs:
- name: "clientid1-secret-name"
For more details on the individual identity providers: refer to upstream openshift documentation