Oracle Cloud

Spinnaker supports OAuth 2.0 for authentication with Oracle Cloud OAuth.

Configuring Oracle Cloud OAuth 2.0

Consult the Oracle Cloud Documentation to set up OAuth 2.0 and obtain a client ID and client secret.

Configure Halyard

You may configure Halyard either with the CLI or by manually editing the hal config.

Hal config

  1. security:
  2. authn:
  3. oauth2:
  4. enabled: true
  5. client:
  6. clientId: # client ID from above
  7. clientSecret: # client secret from above
  8. accessTokenUri: https://idcs-${idcsTenantId}.identity.oraclecloud.com/oauth2/v1/token
  9. userAuthorizationUri: https://idcs-${idcsTenantId}.identity.oraclecloud.com/oauth2/v1/authorize
  10. scope: openid urn:opc:idm:__myscopes__
  11. resource:
  12. userInfoUri: https://idcs-${idcsTenantId}.identity.oraclecloud.com/oauth2/v1/userinfo
  13. # You may want to restrict access to your Spinnaker by adding
  14. # userInfoRequirements to further restrict access beyond simply requiring
  15. # that users have a valid account.
  16. userInfoRequirements: {}
  17. userInfoMapping:
  18. email: ''
  19. firstName: given_name
  20. lastName: family_name
  21. username: preferred_username
  22. provider: ORACLE

CLI

  1. hal config security authn oauth2 edit --provider oracle \
  2. --client-id (client ID from above) \
  3. --client-secret (client secret from above)
  4. hal config security authn oauth2 enable

Last modified August 28, 2020: fix ordering to match current site (4ca0bf9)