[2.9.0] 1373 support authentication with service account tokens (#1402)

* Add JWT Authentication page for v2.9 feature #1373 * Update GitLab / HashiCorp reference Co-authored-by: Billy Tat <[email protected]> * Update location of JWT Authentication page * Apply suggestions from code review for Intro Co-authored-by: Marty Hernandez Avedon <[email protected]> * Update title / get rid of note * Update title (2) * Add JWT Auth page to v2.9 docs * Update JWT feature summary * Apply suggestions from code review Co-authored-by: Billy Tat <[email protected]> --------- Co-authored-by: Billy Tat <[email protected]> Co-authored-by: Marty Hernandez Avedon <[email protected]>
rancher · Aug 1, 2024 · c3a33fb · c3a33fb
1 parent af407d0
commit c3a33fb
Show file tree

Hide file tree

Showing 4 changed files with 36 additions and 1 deletion.
diff --git a/...uides/authentication-permissions-and-global-configuration/jwt-authentication.md b/...uides/authentication-permissions-and-global-configuration/jwt-authentication.md
@@ -0,0 +1,17 @@
+---
+title: JSON Web Token (JWT) Authentication
+---
+<head> 
+  <link rel="canonical" href="https://ranchermanager.docs.rancher.com/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/jwt-authentication"/>
+</head>
+
+Many 3rd party integrations available for Kubernetes, such as GitLab and HashiCorp Vault, involve giving an external process access to the Kubernetes API using a native Kubernetes Service Account token for authentication.
+
+In Rancher v2.9.0 and later, service accounts on downstream clusters can now authenticate through a JSON web token (JWT) using the Rancher authentication proxy. In Rancher versions earlier than  v2.9.0, only Rancher-issued tokens were supported.
+
+To enable this feature, follow these steps:
+
+1. In the upper left corner, click **☰ > Cluster Management**.
+1. Click **Advanced** to open the dropdown menu.
+1. Select **JWT Authentication**.
+1. Click the checkbox for the cluster you want to enable JWT authentication for, and click **Enable**. Alternatively, you can click **⋮** > **Enable**.
diff --git a/sidebars.js b/sidebars.js
@@ -288,6 +288,7 @@ const sidebars = {
                     "how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/locked-roles",
                   ]
                 },
+                "how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/jwt-authentication",
                 {
                   type: 'category',
                   label: 'About Provisioning Drivers',
@@ -322,7 +323,6 @@ const sidebars = {
                 "how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/pod-security-standards",
                 "how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/psa-config-templates",
                 "how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/global-default-private-registry",
-
                 "how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/custom-branding",
               ]
             },

diff --git a/...uides/authentication-permissions-and-global-configuration/jwt-authentication.md b/...uides/authentication-permissions-and-global-configuration/jwt-authentication.md
@@ -0,0 +1,17 @@
+---
+title: JSON Web Token (JWT) Authentication
+---
+<head> 
+  <link rel="canonical" href="https://ranchermanager.docs.rancher.com/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/jwt-authentication"/>
+</head>
+
+Many 3rd party integrations available for Kubernetes, such as GitLab and HashiCorp Vault, involve giving an external process access to the Kubernetes API using a native Kubernetes Service Account token for authentication.
+
+In Rancher v2.9.0 and later, service accounts on downstream clusters can now authenticate through a JSON web token (JWT) using the Rancher authentication proxy. In Rancher versions earlier than  v2.9.0, only Rancher-issued tokens were supported.
+
+To enable this feature, follow these steps:
+
+1. In the upper left corner, click **☰ > Cluster Management**.
+1. Click **Advanced** to open the dropdown menu.
+1. Select **JWT Authentication**.
+1. Click the checkbox for the cluster you want to enable JWT authentication for, and click **Enable**. Alternatively, you can click **⋮** > **Enable**.
diff --git a/versioned_sidebars/version-2.9-sidebars.json b/versioned_sidebars/version-2.9-sidebars.json
@@ -267,6 +267,7 @@
                     "how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/locked-roles"
                   ]
                 },
+                "how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/jwt-authentication",
                 {
                   "type": "category",
                   "label": "About Provisioning Drivers",