You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/admin/runai-setup/authentication/authentication-overview.md
+10-10Lines changed: 10 additions & 10 deletions
Original file line number
Diff line number
Diff line change
@@ -7,39 +7,39 @@ Authentication verifies user identity during login, and Authorization assigns th
7
7
8
8
Authenticated access is required to use all aspects of the Run:ai interfaces, including the Run:ai platform, the Run:ai Command Line Interface (CLI) and APIs.
9
9
10
-
## **Authentication**
10
+
## Authentication
11
11
12
12
There are multiple methods to authenticate and access Run:ai.
13
13
14
-
### **Single Sign-On (SSO)**
14
+
### Single Sign-On (SSO)
15
15
16
16
Single Sign-On (SSO) is the preferred authentication method by large organizations, as it avoids the need to manage duplicate sets of user identities.
17
17
18
18
Run:ai offers SSO integration, enabling users to utilize existing organizational credentials to access Run:ai without requiring dedicated credentials.
19
19
20
-
Run:ai supports three methods to setup SSO:
20
+
Run:ai supports three methods to set up SSO:
21
21
22
-
* SAML
23
-
* OpenID Connect (OIDC)
24
-
* OpenShift
22
+
*[SAML](sso/saml.md)
23
+
*[OpenID Connect (OIDC)](sso/openidconnect.md)
24
+
*[OpenShift](sso/openshift.md)
25
25
26
26
When using SSO, it is highly recommended to manage at least one local user, as a breakglass account (an emergency account), in case access to SSO is not possible.
27
27
28
-
### **Username and password**
28
+
### Username and password
29
29
30
30
Username and password access can be used when SSO integration is not possible.
Secret is the authentication method for Applications. Applications use the Run:ai APIs to perform automated tasks including scripts and pipelines based on its assigned access rules.
35
35
36
-
## **Authorization**
36
+
## Authorization
37
37
38
38
The Run:ai platform uses Role Base Access Control (RBAC) to manage authorization.
39
39
40
40
Once a user or an application is authenticated, they can perform actions according to their assigned access rules.
41
41
42
-
### **Role Based Access Control (RBAC) in Run:ai**
42
+
### Role Based Access Control (RBAC) in Run:ai
43
43
44
44
While Kubernetes RBAC is limited to a single cluster, Run:ai expands the scope of Kubernetes RBAC, making it easy for administrators to manage access rules across multiple clusters.
0 commit comments