This is an experiment on how to use Keycloak to enable SAML 2.0 authentication in Okteto.
- Install Okteto Self-Hosted in your Kubernetes cluster
- Install Keycloak on your cluster (you can use docker-compose + the okteto CLI to deploy it in your cluster ;) )
- Create a Keycloak client of type OpenID Connect
- Configure your Okteto instance to use Keycloak as the OpenID Connect auth provider
- Connect your SAML 2.0 authentication provider with Keycloak (I followed this guide to use Okta)
- Log in to Okteto
When you log in to Okteto, Okteto will pop up the Keycloak authentication UI. There, you can click the "Or Log in with XXX" button to log in with your SAML provider. If everything is configured correctly, the flow will end with you logged into the Okteto UI.
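
Before relying on this flow, it is worth checking the Keycloak client created in the steps above. The following is an added example, not part of the original experiment or of Okteto's or Keycloak's code: it audits a client export (Keycloak's JSON client representation) for settings that weaken a brokered login. The client ID, hostname, callback path and the strict no-wildcard policy are assumptions made for illustration.

```python
import json
from urllib.parse import urlsplit

# Constructed sample: a trimmed Keycloak client export with weak settings.
# "okteto" and okteto.example.com are placeholders, not values from this page.
SAMPLE_CLIENT = json.loads("""
{
  "clientId": "okteto",
  "protocol": "openid-connect",
  "publicClient": true,
  "standardFlowEnabled": true,
  "implicitFlowEnabled": true,
  "directAccessGrantsEnabled": true,
  "redirectUris": ["*", "http://okteto.example.com/callback"],
  "webOrigins": ["*"]
}
""")

def audit_client(client):
    """Return findings for a Keycloak OIDC client that fronts a SAML provider."""
    findings = []
    if client.get("protocol") != "openid-connect":
        findings.append("protocol is not openid-connect")
    if client.get("publicClient", False):
        findings.append("public client: no client secret protects the code exchange")
    if not client.get("standardFlowEnabled", False):
        findings.append("standard (authorization code) flow is disabled")
    if client.get("implicitFlowEnabled", False):
        findings.append("implicit flow enabled: tokens are returned in the browser URL")
    if client.get("directAccessGrantsEnabled", False):
        findings.append("direct access grants enabled: password grant skips the SAML login")
    for uri in client.get("redirectUris", []):
        if "*" in uri:  # assumed policy: exact redirect URIs only
            findings.append(f"wildcard redirect URI: {uri}")
        elif urlsplit(uri).scheme != "https":
            findings.append(f"non-HTTPS redirect URI: {uri}")
    if "*" in client.get("webOrigins", []):
        findings.append("webOrigins allows any origin")
    return findings

# The same client with the corrected settings (constructed).
HARDENED_CLIENT = dict(
    SAMPLE_CLIENT, publicClient=False, implicitFlowEnabled=False,
    directAccessGrantsEnabled=False, webOrigins=[],
    redirectUris=["https://okteto.example.com/callback"])

if __name__ == "__main__":
    for finding in audit_client(SAMPLE_CLIENT):
        print("FINDING:", finding)
    print("hardened findings:", audit_client(HARDENED_CLIENT))
```
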