Configuring identity provider-based authentication
To provide Single Sign-On (SSO) in your organization, you can configure DC/OS Enterprise to authenticate users against one or more external user identity providers. In contrast to directory-based authentication, the identity provider-based authentication is not as rich (less information available) but more flexible for individual users.
When a user attempts to log on from the DC/OS GUI, they will be presented with a list of the third-party identity providers that you have configured. They can click the one that they have an account with for SSO.
Users logging in from the DC/OS CLI can use the following command to discover the names of the IdPs that have been configured
dcos auth list-providers. They can then use the following command to log in using an IdP
dcos auth login --provider=<provider-name> --username=<user-email> --password=<secret-password.
Adding a SAML identity provider
This topic discusses what's required of SAML IdPs in general and provides a step-by-step procedure for setting up a OneLogin IdP.…Read More
Adding an OpenID Connect identity provider
This topic discusses OpenID Connect IdPs in general and provides a step-by-step procedure for setting up a Google OpenID Connect IdP. …Read More