Authentication & IdP Connectors

Pachyderm has an embedded Open ID Connect based on Dex, allowing for vendor-neutral authentication using your existing credentials from various back-ends. You can enable users to authenticate to a Pachyderm cluster using their favorite Identity Providers by following the articles in this section.

When you enable authentication, you gain access to Pachyderm’s authorization features. You can use Pachyderm’s Role-Based Access Control (RBAC) model to configure authorization for your users and assign roles that grant certain permissions for interacting with Pachyderm’s resources.

Useful Auth PachCTL Commands

Command Description
pachctl auth login Logs in to the cluster
pachctl auth logout Logs out of the cluster
pachctl auth whoami Returns the current user’s username
pachctl auth get-groups Returns the current user’s groups
pachctl auth get-config Returns the instance’s current auth configuration
pachctl auth get cluster Returns the role bindings for the cluster
pachctl auth get project <project-name> Returns the role bindings for a project
pachctl auth get repo <repo-name> Returns the role bindings for a repo