Installation of Telicent Authorization Server
The Telicent Authorization Server is an integral part of the Telicent CORE platform and as such will be installed as part of the wider platform itself.
Further configuration of the installation is controlled via the telicent-core / auth component’s Helm chart, see Configuration (Auth Server) for more details.
The Helm chart README.md page contains extensive information on the different Helm chart parameters for the Authorization Server application. The Configuration (Auth Server) documentation focuses on the aspects most commonly customised.
For convenience, the Helm chart parameter sections are listed here. For further info on the parameters to be configured for each section, please refer to the Helm chart README.md page.
Authorization Server Helm chart parameter sections
| Parameter section | Section description |
|---|---|
| Global Parameters | Contains global parameters; these parameters are mirrored within the Telicent core umbrella chart. Note: Only global parameters used within this chart will be listed below. |
| Application Parameters - Identity Provider (IDP) and Secret | Contains details pertinent to the OIDC Identity Provider to be used by the Auth OAuth application. It is recommended to store sensitive information including passwords in a Kubernetes secret and not in Helm values. For Quick Start purposes, a secret named tc-auth-gen-idp-auth will be created if one is not set. |
| Application Parameters - ForwardAuth and Secret | When making requests to the /auth/forward endpoint (used by reverse proxies), X-ForwardAuth-Secret header is required. The secret associated with that header is defined within this section. It is recommended to store sensitive information including passwords in a Kubernetes secret and not in Helm values. For Quick Start purposes, a secret named tc-auth-gen-forward-auth will be created if one is not set. |
| Application Parameters - Java | Contains Java parameters to be used by the Auth application |
| Application Parameters - Logs | Refer to detail in Helm chart |
| Application Parameters - PostgreSQL and Secret | Contains connection details to a PostgreSQL instance, on which the application relies. It is recommended to store sensitive information including passwords in a Kubernetes secret and not in Helm values. For Quick Start purposes, a secret named tc-auth-usr-psql-auth will be created if one is not set. |
| Application Parameters - Bootstrap | Contains configuration to be used to bootstrap a clean instance of the Auth application to a working state. |
| ConfigMap Parameters | Refer to detail in Helm chart |
| Common Parameters | Refer to detail in Helm chart |
| Deployment Parameters | Refer to detail in Helm chart |
| Deployment Image Parameters | Refer to detail in Helm chart |
| Deployment Resources Parameters - Requests and Limits | Refer to detail in Helm chart |
| Deployment Security Context Parameters - Default Security Context | Refer to detail in Helm chart |
| Deployment Affinity Parameters | Refer to detail in Helm chart |
| Service Account Parameters | Refer to detail in Helm chart |
| Traffic Exposure Parameters | Refer to detail in Helm chart |
| Host(s) Parameters | Contains host information for applications deployed via telicent-core chart. Auth interacts directly with other Telicent Applications using their default service/serviceAccount and port. If either of those details changes, you can use this section to correctly referer to those applications. |
| Host(s) Preview Parameters | Contains host information for applications deployed via telicent-preview chart. Host values will be used as defined in this section, release name cannot be autocorrected, as the release name is unknown. |