Skip to content

Commit 0db5189

Browse files
kaitlynmichaelkaitlynmichael
committed
correct enable sso
1 parent 68ab71a commit 0db5189

File tree

1 file changed

+6
-0
lines changed
  • content/operate/kubernetes/security

1 file changed

+6
-0
lines changed

content/operate/kubernetes/security/sso.md

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -79,6 +79,8 @@ The Service Provider certificate is used by the cluster to sign SAML requests an
7979
certificates:
8080
ssoServiceCertificateSecretName: sso-service-cert
8181
sso:
82+
enabled: false # SSO not yet active - set to true in Step 7 after completing configuration
83+
enforceSSO: false # Optional: set to true to disable local authentication for non-admin users
8284
saml:
8385
spMetadataSecretName: sp-metadata # Optional: store SP metadata in a secret
8486
serviceProvider:
@@ -238,6 +240,8 @@ Using IdP metadata XML is the recommended approach as it's less error-prone.
238240
ssoServiceCertificateSecretName: sso-service-cert
239241
ssoIssuerCertificateSecretName: sso-issuer-cert
240242
sso:
243+
enabled: false # SSO not yet active - set to true in Step 7 after completing configuration
244+
enforceSSO: false # Optional: set to true to disable local authentication for non-admin users
241245
saml:
242246
idpMetadataSecretName: idp-metadata
243247
spMetadataSecretName: sp-metadata
@@ -263,6 +267,8 @@ If IdP metadata XML is unavailable, you can manually configure the issuer settin
263267
ssoServiceCertificateSecretName: sso-service-cert
264268
ssoIssuerCertificateSecretName: sso-issuer-cert
265269
sso:
270+
enabled: false # SSO not yet active - set to true in Step 7 after completing configuration
271+
enforceSSO: false # Optional: set to true to disable local authentication for non-admin users
266272
saml:
267273
issuer:
268274
entityID: "urn:sso:example:idp"

0 commit comments

Comments
 (0)