DexClient
Scope: Namespaced
Allows applications that support DC authentication to interact with Dex.
After the DexClient
object appears in the cluster:
- Dex will register a client with a
dex-client-<NAME>@<NAMESPACE>
clientID, where<NAME>
and<NAMESPACE>
aremetadata.name
andmetadata.namespace
of the DexClient object, respectively. - A
dex-client-<NAME>
Secret containing the client access password (clientSecret) will be created in the corresponding namespace (where<NAME>
ismetadata.name
of the DexClient object).
- spec
Required value
- spec.allowedEmails
A list of emails of users are allowed to connect to the client.
By default, all users can connect.
Default:
All users are allowed.
- spec.allowedGroups
A list of groups whose members are allowed to connect to the client; By default, all groups can connect.
- spec.redirectURIs
Array or urls that Dex can redirect to after successful authentication.
- spec.trustedPeers
OAuth2 client IDs that allowed cross authentication with the current client.
Deprecated resource. Support for the resource might be removed in a later release.
Allows applications that support DC authentication to interact with Dex.
After the DexClient
object appears in the cluster:
- Dex will register a client with a
dex-client-<NAME>@<NAMESPACE>
clientID, where<NAME>
and<NAMESPACE>
aremetadata.name
andmetadata.namespace
of the DexClient object, respectively. - A
dex-client-<NAME>
Secret containing the client access password (clientSecret) will be created in the corresponding namespace (where<NAME>
ismetadata.name
of the DexClient object).
- spec
Required value
- spec.allowedEmails
A list of emails of users are allowed to connect to the client.
By default, all users can connect.
Default:
All users are allowed.
- spec.allowedGroups
A list of groups whose members are allowed to connect to the client; By default, all groups can connect.
- spec.redirectURIs
Array or urls that Dex can redirect to after successful authentication.
- spec.trustedPeers
OAuth2 client IDs that allowed cross authentication with the current client.