Appendix D. Configuring identity providers
Many different user databases are available to IT professionals for managing access and authentication. To interoperate with as many of these as possible, OpenShift provides 11 identity providers that interface with various user databases, including the Allow All provider that you’ve been using in your cluster up to this point. These providers are as follows:
- Allow All— Allows any username and non-empty password to log in
- Deny All— Doesn’t allow any usernames and passwords to log in
- htpasswd— Authenticates with Apache htpasswd database files
- Keystone— Uses OpenStack Keystone as the authentication source
- LDAP— Authenticates against an LDAP provider like openLDAP
- Basic— Uses Apache Basic authentication on a remote server to authenticate users
- Request Header— Uses custom HTTP headers for user authentication
- GitHub— Authenticates with GitHub using OAuth
- GitLab— Authenticates with GitLab using OAuth
- Google— Uses Google OpenID Connect for authentication
- OpenID Connect— Uses OpenID Connect with a source other than Google
Different authentication providers have different options that are specific to each provider’s unique format. For example, the options available for the htpasswd provider are different than those required for the GitHub provider, because these providers access such different user databases.