Kubernetes Authentication and SSO
OpenUnison provides SSO and authentication for your Kubernetes clusters, no matter where they run or how your users need to authenticate.
- Authentication for on-prem and cloud managed clusters
kubectlconfiguration on MacOS, Linux, and Windows
- Plugin for zero-configuration
- Secure Dashboard Access
- Use identity provider's groups in RBAC
- Works with cluster management applications such as ArgocD, Kiali, and more!
- Short-lived tokens transparently refresh with no impact on developers
- Logout of your web session invalidates your
- Supports multiple clusters with a decentralized deployment
See how OpenUnison will increase the security of your clusters in addition to making your developers happy!
kubectl SSO For Windows, Linux, and MacOS
The Orchestra portal provides kubectl commands for all of your user's operating systems. Windows, Linux, and MacOS commands are all generated. The commands include certificates for your API server and OpenUnison portal, so there are no certificates to distribute! These commands don't require you to pre-distribute a configuration file and work both locally and with remote jump boxes.
Skip the portal and get straight into
kubectl with OpenUnison's
oulogin plugin. This plugin will launch a browser for you, authenticate you, and generate your entire
kubectl configuration without pre-distributing a configuration file. Simple as
Secure Access To the Dashboard
OpenUnison provides secure access to your dashboard without creating service accounts. Your identity is used by the dashboard to interact with the API server, which means the dashboard runs without privileges of its own.