> ## Documentation Index
> Fetch the complete documentation index at: https://docs.open-metadata.org/llms.txt
> Use this file to discover all available pages before exploring further.

# OneLogin SSO for Kubernetes | Official Documentation

> Integrate OneLogin into Kubernetes clusters to securely manage authentication, access tokens, and identity roles at runtime.

# One Login SSO for Kubernetes

Check the Helm information [here](https://artifacthub.io/packages/search?repo=open-metadata).

Once the `Client Id` is generated, see the snippet below for an example of where to
place the client id value and update the authorizer configurations in the `values.yaml`.

```yaml theme={null}
openmetadata:
  config:
    authorizer:
      className: "org.openmetadata.service.security.DefaultAuthorizer"
      # JWT Filter
      containerRequestFilter: "org.openmetadata.service.security.JwtFilter"
      initialAdmins:
      - "suresh"
      principalDomain: "open-metadata.org"
    authentication:
      provider: "custom-oidc"
      publicKeys:
      - "{your domain}/api/v1/system/config/jwks" # Update with your Domain and Make sure this "/api/v1/system/config/jwks" is always configured to enable JWT tokens
      - "{IssuerUrl}/certs"
      authority: "{IssuerUrl}"
      clientId: "{client id}"
      callbackUrl: "http://localhost:8585/callback"
```

## Configure Ingestion

Once your server security is set, it's time to review the ingestion configuration. Our bots support JWT tokens
to authenticate to the server when sending requests.

Find more information on [**Enabling JWT Tokens**](/deployment/security/enable-jwt-tokens) and [**JWT Troubleshooting**](/deployment/security/jwt-troubleshooting) to ensure seamless authentication.