Authentication

Authentication for the user interface depends on OpenID Connect (OIDC).

The configuration is provided through the CRD operator CRD. For more information, see config.security.oidc.

FTM supports both JWTTokens and opaque tokens.

The following steps occur when a user logs in to the user interface.
  1. The user logs in to OIDC. Depending on the OIDC configuration, a two-factor authentication is enabled.
  2. If the OIDC login is successful, the application user registry is checked to see whether the user ID is found.
  3. If the user is also found in the application user registry, their preferences and permissions are retrieved. The preferences and permissions are retained while the user stays logged in.
  4. The user is presented with a welcome page.

The functions of OpenID Connect (OIDC) are shown in the following list.

  • Authenticates the user.
  • Inserts user credential information in HTTP requests.