Add OKTA provider to the core-ceph-local-non-dvr-federation context

Related-Prod: PRODX-45835 Change-Id: Id2fc8b1e41e7867bb1352221b7575be60b549d2f
Mirantis · Sep 4, 2024 · de3929a · de3929a
1 parent 7ae9d82
commit de3929a
Showing 1 changed file with 23 additions and 0 deletions.
diff --git a/examples/osdpl/core-ceph-local-non-dvr-federation.yaml b/examples/osdpl/core-ceph-local-non-dvr-federation.yaml
@@ -103,6 +103,29 @@ spec:
  url: https://keycloak-extra.it.just.works/auth/realms/iam-extra/.well-known/openid-configuration
  oauth2:
  OAuth2TokenVerify: jwks_uri https://keycloak-extra.it.just.works/auth/realms/iam-extra/protocol/openid-connect/certs jwks_uri.ssl_verify=false
+ o1:
+ enabled: true
+ description: OKTA provider
+ issuer: https://example.okta.com/oauth2/default
+ mapping:
+ - local:
+ - user:
+ email: '{0}'
+ name: '{0}'
+ - domain:
+ name: Default
+ groups: m:okta@admin
+ remote:
+ - type: OIDC-email
+ metadata:
+ conf: {}
+ client: {}
+ provider:
+ value_from:
+ from_url:
+ url: https://example.okta.com/oauth2/default/.well-known/openid-configuration
+ oauth2:
+ OAuth2TokenVerify: jwks_uri https://example.okta.com/oauth2/default/v1/keys jwks_uri.ssl_verify=false
  # enabled services and their specific configuration
  services:
  networking: