Anonymous strategy
Access Kiali with no authentication.
Authentication Strategies
Choosing and configuring the appropriate authentication strategy.
Kiali supports five authentication mechanisms.
- The default authentication strategy for OpenShift clusters is
openshift. - The default authentication strategy for all other Kubernetes clusters is
token.
All mechanisms other than anonymous support limiting per-user namespace access control.
For multi-cluster, only anonymous and openid are currently supported.
Read the dedicated page of each authentication strategy to learn more.
Header strategy
Run Kiali behind a reverse proxy responsible for injecting the user’s token, or a token with impersonation.
OpenID Connect strategy
Access Kiali requiring authentication through a third-party OpenID Connect provider.
OpenShift strategy
Access Kiali requiring OpenShift authentication.
Token strategy
Access Kiali requiring a Kubernetes ServiceAccount token.
Session options
Session timeout and signing key configuration
Last modified February 9, 2024: Add notes about which auth strategies are supported in MC (#751) (6e4f9ec)