Authentication
CyVerse Authentication via Keycloak, CILogon, & OAUTH
sequenceDiagram
autonumber
User->>Browser: Click on external Auth
Browser-->>Keycloak: Authentication request (TOKEN)
loop
Keycloak-->>Browser: Browser opened with ../auth?=client_id=de-prod=TOKEN
end
Keycloak-->>CILogon: Auth Request
User->>CILogon: Enter Credentials
Keycloak-->>OAUTH: Auth Response
CILogon-->>Keycloak: Auth Response
Browser-->>OAUTH: Ask for Token
OAUTH-->>Browser: Retrieve Token
Mermaid Diagram Users authenticate (starting on left side) via their browser, which passes through Keycloack to either CILogon or OAUTH.
Keycloak service manages authenticaation via CILogon and OAUTH.
Keycloak¶
Keycloak is provisioned and deployed as part of the main K8s
Keycloak provisioning with K8s