OpenShift

OpenShift supports OIDC, so we can integrate Hanzo IAM with OpenShift. The following steps demonstrate how to integrate Hanzo IAM with OpenShift Local using the online demo of Hanzo IAM.

Step 1: Create a Hanzo IAM application

In Hanzo IAM add an application. Note Client ID and Client secret. Set Redirect URL to https://oauth-openshift.apps.<cluster_name>.<cluster_domain>/* (adjust for your cluster).

Create an application in Hanzo IAM

Step 2: OpenShift OAuth Configuration

Now log into the OpenShift Console as Kubeadmin. Once you are logged in, browse to the side menu and locate the Cluster settings.

OpenShift side menu

Under Global Configuration, open OAuth.

OAuth configuration in Cluster settings

In Identity Provider → ADD, select OpenID Connect.

Select menu

Enter Client ID and Client secret from step 1. Set Issuer URL to https://<iam-host> (HTTPS required).

Configure OIDC

Step 3: Test OIDC Authentication

Open the OpenShift console in a browser. Select the Hanzo IAM login option (the name configured above); you are redirected to the Hanzo IAM login page.

Final result

Step 1: Create a Hanzo IAM application

Step 2: OpenShift OAuth Configuration

Step 3: Test OIDC Authentication

On this page