README
¶
Authenticator - OIDC
| Status | |
|---|---|
| Stability | beta |
| Distributions | contrib |
| Issues |   |
| Code Owners | @jpkrohling |
This extension implements a configauth.ServerAuthenticator, to be used in receivers inside the auth settings. The authenticator type has to be set to oidc.
Configuration
extensions:
oidc:
issuer_url: http://localhost:8080/auth/realms/opentelemetry
issuer_ca_path: /etc/pki/tls/cert.pem
audience: account
username_claim: email
receivers:
otlp:
protocols:
grpc:
auth:
authenticator: oidc
processors:
exporters:
debug:
verbosity: detailed
service:
extensions: [oidc]
pipelines:
traces:
receivers: [otlp]
processors: []
exporters: [debug]
Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func NewFactory ¶
NewFactory creates a factory for the OIDC Authenticator extension.
Types ¶
type Config ¶
type Config struct {
// The attribute (header name) to look for auth data. Optional, default value: "authorization".
Attribute string `mapstructure:"attribute"`
// IssuerURL is the base URL for the OIDC provider.
// Required.
IssuerURL string `mapstructure:"issuer_url"`
// Audience of the token, used during the verification.
// For example: "https://accounts.google.com" or "https://login.salesforce.com".
// Required.
Audience string `mapstructure:"audience"`
// The local path for the issuer CA's TLS server cert.
// Optional.
IssuerCAPath string `mapstructure:"issuer_ca_path"`
// The claim to use as the username, in case the token's 'sub' isn't the suitable source.
// Optional.
UsernameClaim string `mapstructure:"username_claim"`
// The claim that holds the subject's group membership information.
// Optional.
GroupsClaim string `mapstructure:"groups_claim"`
}
Config has the configuration for the OIDC Authenticator extension.
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.