cli icon indicating copy to clipboard operation
cli copied to clipboard
verified publisher icon confluentinc

[CLI-2816] On-prem OAuth SSO support

Open sgagniere opened this issue 1 year ago • 1 comments

Release Notes

Breaking Changes

  • PLACEHOLDER

New Features

  • Support on-premises SSO authentication with confluent login

Bug Fixes

  • PLACEHOLDER

Checklist

  • [x] Leave this box unchecked if features are not yet available in production

What

Add support for on-premises SSO authentication when oidc.login.device.1.enabled is enabled.

When both SSO and LDAP are enabled (which is possible for on-prem), we should prefer SSO. So the current order of precedence is prompt flag > environment variables (SSO > LDAP) > LDAP (keychain > config > netrc) > SSO > LDAP (prompt).

References

Test & Review

Manual testing

sgagniere avatar Feb 24 '24 02:02 sgagniere

Support on-premises SSO authentication with confluent login

Would it make sense to say confluent login --url <sso-enabled-mds-url> in this release note? (Not sure on the specific terminology)

brianstrauch avatar Feb 27 '24 20:02 brianstrauch