Identity providers supported, Built-in OAuth service for integration with multiple identity providers, Integration with AD, OpenLDAP, and FreeIPA; OAuth and SAML identity providers 12 including iDaaS; Service Account management supported including LDAP, Keystone, OpenID Connect, and OAuth supported, such as Keycloak and Okta Security Pod Security Context applied for Pod security

SUSE Rancher SUSE Rancher integrates directly with Active Directory, Azure AD, OpenLDAP, FreeIPA, OAuth providers like GitHub and SAML providers like Keycloak and Okta. Configuration of the integration OpenShift runs an internal OAuth server and proxies communication to multiple backend providers. It maintains compatibility with providers based on LDAP, Keystone, OpenID Connect and OAuth and it provides an

使用Secret管理敏感信息配置 由于ConfigMap是明文存储，适合用来存储非安全的配置信息，如果 涉及安全敏感的数据，推荐使用另一个Secret资源对象。Secret 对象 用来保存敏感信息，例如密码、OAuth 令牌和 SSH 密钥，这些信息放 在Secret中比放在Pod的定义或者容器镜像中更加安全和灵活。 Secret 主要使用的有以下三种类型： • Opaque： base64 编码格式的 Secret，用来存储密码、密钥等。