OIDC Provider Setup
Choosing Your OIDC Provider
If you do not have access to your own OpenID Connect (OIDC) provider, you can use Dex which is included. It is enabled by default in the Helm chart. The only consideration is how you will provide the certificate to Dex.
Certificate in Referenced Secret object
dex: ingress: authHost: 'auth.company.com' tls: authSecretName: gooddata-cn-auth-tls
Certificate Generated by cert-manager
Dex supports cert-manager annotations to dynamically provision certificates. Example:
dex: ingress: authHost: 'auth.company.com' annotations: cert-manager.io/cluster-issuer: letsencrypt-production
Using your own OIDC provider
You do not need to deploy the Dex if you have your own OIDC provider (Okta, Auth0 and others).
The OIDC provider setup for each Organization is covered in the Administration Guide.