Authentication & IdP Connectors #

Pachyderm has an embedded Open ID Connect based on Dex, allowing for vendor-neutral authentication using your existing credentials from various back-ends. You can enable users to authenticate to a Pachyderm cluster using their favorite Identity Providers by following the articles in this section.

When you enable authentication, you gain access to Pachyderm’s authorization features. You can use Pachyderm’s Role-Based Access Control (RBAC) model to configure authorization for your users and assign roles that grant certain permissions for interacting with Pachyderm’s resources.

Useful Auth PachCTL Commands #

Command	Description
`pachctl auth login`	Logs in to the cluster
`pachctl auth logout`	Logs out of the cluster
`pachctl auth whoami`	Returns the current user’s username
`pachctl auth get-groups`	Returns the current user’s groups
`pachctl auth get-config`	Returns the instance’s current auth configuration
`pachctl auth get cluster`	Returns the role bindings for the cluster
`pachctl auth get project <project-name>`	Returns the role bindings for a project
`pachctl auth get repo <repo-name>`	Returns the role bindings for a repo

MockIDP

Learn how to authenticate with MockIDP for testing and development purposes.

Auth0

Learn how to enable authentication through Auth0 as an Identity Provider.

Okta

Learn how to authenticate with Okta.