Identity provider-based authentication

ENTERPRISE

Configuring identity provider-based authentication

To provide Single Sign-On (SSO) in your organization, you can configure DC/OS Enterprise to authenticate users against one or more external user identity providers (IdPs). In contrast to directory-based authentication, identity provider-based authentication is not as rich (less information is available) but is more flexible for individual users.

When a user attempts to log on from the DC/OS web interface, they will be presented with a list of the third-party identity providers that you have configured. They can click the one that they have an account with for SSO.

  • To discover the names of the IdPs that have been configured, use the dcos auth list-providers command:

    dcos auth list-providers
    
  • To log in using an IdP, use the dcos auth login --provider=<provider-name> --username=<user-email> --password=<secret-password> command:

    dcos auth login --provider=<provider-name> --username=<user-email> --password=<secret-password>
    

DC/OS Enterprise supports two types of identity provider-based authentication methods: Security Assertion Markup Language (SAML) and OpenID Connect (OIDC):