Kubernetes Authentication and SSO
OpenUnison provides SSO and authentication for your Kubernetes clusters, no matter where they run or how your users need to authenticate.
Simplify Access
- Authentication for on-prem and cloud managed clusters
- Generates
kubectlconfiguration on MacOS, Linux, and Windows - Plugin for zero-configuration
kubectlaccess - Secure Dashboard Access
- Use identity provider's groups in RBAC
RoleBindingandClusterRoleBindingobjects - Works with cluster management applications such as ArgocD, Kiali, and more!
Increase Security
- Short-lived tokens transparently refresh with no impact on developers
- Logout of your web session invalidates your
kubectlsession - Supports multiple clusters with a decentralized deployment
See how OpenUnison will increase the security of your clusters in addition to making your developers happy!
kubectl SSO For Windows, Linux, and MacOS
The Orchestra portal provides kubectl commands for all of your user's operating systems. Windows, Linux, and MacOS commands are all generated. The commands include certificates for your API server and OpenUnison portal, so there are no certificates to distribute! These commands don't require you to pre-distribute a configuration file and work both locally and with remote jump boxes.
kubectl Plugin
Skip the portal and get straight into kubectl with OpenUnison's oulogin plugin. This plugin will launch a browser for you, authenticate you, and generate your entire kubectl configuration without pre-distributing a configuration file. Simple as kubectl oulogin!
Secure Access To the Dashboard
OpenUnison provides secure access to your dashboard without creating service accounts. Your identity is used by the dashboard to interact with the API server, which means the dashboard runs without privileges of its own.
