diff --git a/content/kubermatic/main/architecture/known-issues/_index.en.md b/content/kubermatic/main/architecture/known-issues/_index.en.md index a895a4d47..5cfaaf5e2 100644 --- a/content/kubermatic/main/architecture/known-issues/_index.en.md +++ b/content/kubermatic/main/architecture/known-issues/_index.en.md @@ -7,7 +7,7 @@ weight = 25 ## Overview -This page documents the list of known issues and possible work arounds/solutions. +This page documents the list of known issues and possible workarounds/solutions. ## Oidc refresh tokens are invalidated when the same user/client id pair is authenticated multiple times @@ -32,17 +32,25 @@ The following yaml snippet is an example how to configure an oidc connector to k ```yaml connectors: - - config: + - id: oidc + name: OIDC + type: Google + config: clientID: clientSecret: - orgs: - - name: - redirectURI: https://kubermatic.test/dex/callback - id: github - name: GitHub - type: github - userIDKey: jti - userNameKey: email + redirectURI: https://kkp.example.com/dex/callback + scopes: + - openid + - profile + - email + - offline_access + # Workaround to support multiple user_id/client_id pairs concurrently + # Configurable key for user ID look up + # Default: id + userIDKey: <> + # Optional: Configurable key for user name look up + # Default: user_name + userNameKey: <> ``` #### external provider diff --git a/content/kubermatic/v2.24/architecture/known-issues/_index.en.md b/content/kubermatic/v2.24/architecture/known-issues/_index.en.md index 0cc37510b..ef5648ec1 100644 --- a/content/kubermatic/v2.24/architecture/known-issues/_index.en.md +++ b/content/kubermatic/v2.24/architecture/known-issues/_index.en.md @@ -7,7 +7,7 @@ weight = 25 ## Overview -This page documents the list of known issues and possible work arounds/solutions. +This page documents the list of known issues and possible workarounds/solutions. ## Latest Ubuntu 22.04 image prevents creating new EBS volumes on AWS @@ -188,17 +188,25 @@ The following yaml snippet is an example how to configure an oidc connector to k ```yaml connectors: - - config: + - id: oidc + name: OIDC + type: Google + config: clientID: clientSecret: - orgs: - - name: - redirectURI: https://kubermatic.test/dex/callback - id: github - name: GitHub - type: github - userIDKey: jti - userNameKey: email + redirectURI: https://kkp.example.com/dex/callback + scopes: + - openid + - profile + - email + - offline_access + # Workaround to support multiple user_id/client_id pairs concurrently + # Configurable key for user ID look up + # Default: id + userIDKey: <> + # Optional: Configurable key for user name look up + # Default: user_name + userNameKey: <> ``` #### external provider diff --git a/content/kubermatic/v2.25/architecture/known-issues/_index.en.md b/content/kubermatic/v2.25/architecture/known-issues/_index.en.md index 03a053c2d..14299e485 100644 --- a/content/kubermatic/v2.25/architecture/known-issues/_index.en.md +++ b/content/kubermatic/v2.25/architecture/known-issues/_index.en.md @@ -7,7 +7,7 @@ weight = 25 ## Overview -This page documents the list of known issues and possible work arounds/solutions. +This page documents the list of known issues and possible workarounds/solutions. ## Latest Ubuntu 22.04 image prevents creating new EBS volumes on AWS @@ -173,17 +173,25 @@ The following yaml snippet is an example how to configure an oidc connector to k ```yaml connectors: - - config: + - id: oidc + name: OIDC + type: Google + config: clientID: clientSecret: - orgs: - - name: - redirectURI: https://kubermatic.test/dex/callback - id: github - name: GitHub - type: github - userIDKey: jti - userNameKey: email + redirectURI: https://kkp.example.com/dex/callback + scopes: + - openid + - profile + - email + - offline_access + # Workaround to support multiple user_id/client_id pairs concurrently + # Configurable key for user ID look up + # Default: id + userIDKey: <> + # Optional: Configurable key for user name look up + # Default: user_name + userNameKey: <> ``` #### external provider diff --git a/content/kubermatic/v2.26/architecture/known-issues/_index.en.md b/content/kubermatic/v2.26/architecture/known-issues/_index.en.md index 43405c0fb..b4be1f644 100644 --- a/content/kubermatic/v2.26/architecture/known-issues/_index.en.md +++ b/content/kubermatic/v2.26/architecture/known-issues/_index.en.md @@ -7,7 +7,7 @@ weight = 25 ## Overview -This page documents the list of known issues and possible work arounds/solutions. +This page documents the list of known issues and possible workarounds/solutions. ## Oidc refresh tokens are invalidated when the same user/client id pair is authenticated multiple times @@ -32,17 +32,25 @@ The following yaml snippet is an example how to configure an oidc connector to k ```yaml connectors: - - config: + - id: oidc + name: OIDC + type: Google + config: clientID: clientSecret: - orgs: - - name: - redirectURI: https://kubermatic.test/dex/callback - id: github - name: GitHub - type: github - userIDKey: jti - userNameKey: email + redirectURI: https://kkp.example.com/dex/callback + scopes: + - openid + - profile + - email + - offline_access + # Workaround to support multiple user_id/client_id pairs concurrently + # Configurable key for user ID look up + # Default: id + userIDKey: <> + # Optional: Configurable key for user name look up + # Default: user_name + userNameKey: <> ``` #### external provider diff --git a/content/kubermatic/v2.27/architecture/known-issues/_index.en.md b/content/kubermatic/v2.27/architecture/known-issues/_index.en.md index bb53bcd27..16a9029dc 100644 --- a/content/kubermatic/v2.27/architecture/known-issues/_index.en.md +++ b/content/kubermatic/v2.27/architecture/known-issues/_index.en.md @@ -7,7 +7,7 @@ weight = 25 ## Overview -This page documents the list of known issues and possible work arounds/solutions. +This page documents the list of known issues and possible workarounds/solutions. ## Oidc refresh tokens are invalidated when the same user/client id pair is authenticated multiple times @@ -32,17 +32,25 @@ The following yaml snippet is an example how to configure an oidc connector to k ```yaml connectors: - - config: + - id: oidc + name: OIDC + type: Google + config: clientID: clientSecret: - orgs: - - name: - redirectURI: https://kubermatic.test/dex/callback - id: github - name: GitHub - type: github - userIDKey: jti - userNameKey: email + redirectURI: https://kkp.example.com/dex/callback + scopes: + - openid + - profile + - email + - offline_access + # Workaround to support multiple user_id/client_id pairs concurrently + # Configurable key for user ID look up + # Default: id + userIDKey: <> + # Optional: Configurable key for user name look up + # Default: user_name + userNameKey: <> ``` #### external provider diff --git a/content/kubermatic/v2.28/architecture/known-issues/_index.en.md b/content/kubermatic/v2.28/architecture/known-issues/_index.en.md index 892097498..adf66d67d 100644 --- a/content/kubermatic/v2.28/architecture/known-issues/_index.en.md +++ b/content/kubermatic/v2.28/architecture/known-issues/_index.en.md @@ -7,7 +7,7 @@ weight = 25 ## Overview -This page documents the list of known issues and possible work arounds/solutions. +This page documents the list of known issues and possible workarounds/solutions. ## Oidc refresh tokens are invalidated when the same user/client id pair is authenticated multiple times @@ -32,17 +32,25 @@ The following yaml snippet is an example how to configure an oidc connector to k ```yaml connectors: - - config: + - id: oidc + name: OIDC + type: Google + config: clientID: clientSecret: - orgs: - - name: - redirectURI: https://kubermatic.test/dex/callback - id: github - name: GitHub - type: github - userIDKey: jti - userNameKey: email + redirectURI: https://kkp.example.com/dex/callback + scopes: + - openid + - profile + - email + - offline_access + # Workaround to support multiple user_id/client_id pairs concurrently + # Configurable key for user ID look up + # Default: id + userIDKey: <> + # Optional: Configurable key for user name look up + # Default: user_name + userNameKey: <> ``` #### external provider