Configuring OAuth clients

    The following OAuth clients are automatically created when starting the OKD API:

    If you need an additional OAuth client to manage authentication for your OKD cluster, you can register one.

    • To register additional OAuth clients:

    You can configure OAuth clients to expire OAuth tokens after a set period of inactivity. By default, no token inactivity timeout is set.

    Prerequisites

    • You have access to the cluster as a user with the cluster-admin role.

    • You have configured an identity provider (IDP).

    Procedure

      1. Save the file to apply the changes.

    Verification

    1. Log in to the cluster with an identity from your IDP. Be sure to use the OAuth client that you just configured.

    2. Perform an action and verify that it was successful.

    3. Wait longer than the configured timeout without using the identity. In this procedure’s example, wait longer than 600 seconds.

    • [OAuthClient [oauth.openshift.io/v1]($cb4e9cae11960be1.md#oauthclient-oauth-openshift-io-v1)]