Looks like this might now be possible.

I'm going to follow your notes on this (as I've been doing for my entire setup this past week +). Was just trying this last night and found that their OIDC config performs user impersonation against the kube api and I didn't set up my k3s cluster with an OIDC provide (which seems kind of chicken and egg if I run authelia in cluster). Anyways, looking forward to seeing how you tackle this

That was my experience before. I was hoping that I could use Authelia and impersonate my username defined there as a cluster admin. This still might but be possible but I'll try when I have time.

@chrisbsmith I was able to get this working. You can check out my wego and authelia config if interested in adding it.