mirrors/pinniped
1
0
Fork 0
mirror of https://github.com/vmware-tanzu/pinniped.git synced 2026-05-30 19:46:40 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Further explain the webhook API in architecture.md

Browse Source
This commit is contained in:
Ryan Richard
2020-09-15 16:18:48 -07:00
parent 43c69ec339
commit 67de7f5646
1 changed files with 7 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
doc/architecture.md
View File

@@ -31,7 +31,13 @@ The currently supported external IDP types are outlined here. More will be added
in the future.
1. Any webhook which implements the
[Kubernetes TokenReview API](https://kubernetes.io/docs/reference/access-authn-authz/authentication/#webhook-token-authentication)
[Kubernetes TokenReview API](https://kubernetes.io/docs/reference/access-authn-authz/authentication/#webhook-token-authentication).
In addition to allowing the integration of any existing IDP which implements this API, webhooks also
serve as an extension point for Pinniped by allowing for integration of arbitrary custom authenticators.
While a custom implementation may be in any language or framework, this project provides a
sample implementation in Golang. See the `ServeHTTP` method of
[cmd/local-user-authenticator/main.go](../cmd/local-user-authenticator/main.go).
## Cluster Integration Strategies