IAM for your product workloads

Several content workloads are onboarded to your product platform through Helm deployments. These workloads can leverage your product services for their Identity & Access Management (IAM) to configure Single Sign-On (SSO) for their services. This topic explains how the content workloads can enable authentication and authorization for their services by using IAM and the features that they can use in your product for some of their use cases.

For a typical workload that is onboarded to your product platform, you must perform the following steps for configuring SSO:

1. Authentication onboarding through client registration

   • Getting the OAUTH secret for registration
   • Constructing the client registration payload
   • Calling the client registration API

2. Authentication enforcement by workloads

   • UI authentication
   • CLI authentication

3. Authorization onboarding

   • Onboarding service
   • API Access Control Gateway
   • Onboarding service type
   • Fine grained access control administration through teams
   • Authorization enforcement

4. Set up non-user driven use cases

For details, see Authentication onboarding and single sign-on and Authorization onboarding, administration, and enforcement.