> ## Documentation Index
> Fetch the complete documentation index at: https://docs.open-metadata.org/llms.txt
> Use this file to discover all available pages before exploring further.
# Auth0 SSO for Kubernetes | Official Documentation
> Connect Kubernetes to enable streamlined access, monitoring, or search of enterprise data using secure and scalable integrations.
# Auth0 SSO for Kubernetes
Check the Helm information [here](https://artifacthub.io/packages/search?repo=open-metadata).
Check the more information about environment variable [here](/v1.12.x/deployment/security/configuration-parameters).
Here is an example for reference, showing where to place the values in the `values.yaml` file after setting up your Auth0 account and obtaining the application credentials.
```
# Public Flow
openmetadata:
config:
authorizer:
className: "org.openmetadata.service.security.DefaultAuthorizer"
containerRequestFilter: "org.openmetadata.service.security.JwtFilter"
initialAdmins: # john.doe from john.doe@example.com
- "admin"
- "user1"
- "user2"
principalDomain: "open-metadata.org" # Update with your Domain,The primary domain for the organization (example.com from john.doe@example.com).
authentication:
clientType: public
provider: "auth0"
publicKeys:
- "{your domain}/api/v1/system/config/jwks" # Update with your Domain and Make sure this "/api/v1/system/config/jwks" is always configured to enable JWT tokens
- "{Auth0 Domain Name}/.well-known/jwks.json"
authority: "{Your Auth0 Domain}" # The base URL of the authentication provider.
clientId: "{Client ID}"
callbackUrl: "http://localhost:8585/callback"
```
```
# Auth Code Flow
openmetadata:
config:
authorizer:
className: "org.openmetadata.service.security.DefaultAuthorizer"
containerRequestFilter: "org.openmetadata.service.security.JwtFilter"
initialAdmins: # john.doe from john.doe@example.com
- "admin"
- "user1"
- "user2"
principalDomain: "open-metadata.org" # Update with your Domain,The primary domain for the organization (example.com from john.doe@example.com).
authentication:
clientType: confidential
provider: "auth0"
publicKeys: # List of URLs providing public keys for verifying JWT tokens.
- "{Your Domain}/api/v1/system/config/jwks" # Update with your Domain and Make sure this "/api/v1/system/config/jwks" is always configured to enable JWT tokens
- "{Auth0 Domain Name}/.well-known/jwks.json
authority: "{Your Auth0 Domain}" # The base URL of the authentication provider.
clientId: "{Client ID}" # Update your Client ID
callbackUrl: "http://localhost:8585/callback"
oidcConfiguration:
enabled: true
oidcType: "Auth0"
clientId:
secretRef: oidc-secrets
secretKey: openmetadata-oidc-client-id
clientSecret:
secretRef: oidc-secrets
secretKey: openmetadata-oidc-client-secret
discoveryUri: "{Domain name}/.well-known/openid-configuration" # Update your Auth0 Domain
callbackUrl: http://localhost:8585/callback
serverUrl: http://localhost:8585
```
## Configure Ingestion
Once your server security is set, it's time to review the ingestion configuration. Our bots support JWT tokens
to authenticate to the server when sending requests.
Find more information on [**Enabling JWT Tokens**](/deployment/security/enable-jwt-tokens) and [**JWT Troubleshooting**](/deployment/security/jwt-troubleshooting) to ensure seamless authentication.
Go to Auth0 Configuration