<https://docs.flyte.org/en/latest/deployment/confi...
# flyte-supportc
cool-scientist-25110
06/08/2023, 3:59 PMhttps://docs.flyte.org/en/latest/deployment/configuration/auth_setup.html#oauth2-authorization-server states that there are default clients defined in https://github.com/flyteorg/flyteadmin/pull/168/files#diff-1267ff8bd9146e1c0ff22a9e9d53cfc56d71c1d47fed9905f95ed4bddf930f8eR74-R100 but the link does not appear to go to anything specific, and I do not see any client info contained there… I am trying to use Flyte without a custom Authorization Server, but components like Scheduler and Propeller are unable to authenticate… Does anyone have more complete info / instructions about how that is supposed to work? Should it work out of the box, or does it require some kind of additional config?
f
freezing-airport-6809
06/08/2023, 4:08 PM
@cool-scientist-25110 what are you using as your oauth2 provider?
freezing-airport-6809
06/08/2023, 4:08 PM
okta? or something like that - auth0, keycloak?
c
cool-scientist-25110
06/08/2023, 4:09 PMOkta, but I cannot create my own Authorization Service
f
freezing-airport-6809
06/08/2023, 4:09 PM
you dont have to
freezing-airport-6809
06/08/2023, 4:09 PM
okta has an authorization service
freezing-airport-6809
06/08/2023, 4:09 PM
just disable flyte's authorizer and use oktas
freezing-airport-6809
06/08/2023, 4:09 PM
we use that for union cloud
freezing-airport-6809
06/08/2023, 4:09 PM
and at Lyft and a few other companies
c
cool-scientist-25110
06/08/2023, 4:10 PMI assumed that would not work because it does not have the “all” and “offline” scopes mentioned in the instructions?
f
freezing-airport-6809
06/08/2023, 4:10 PM
you will need to create a new client app in the okta console for propeller and flytectl if you want to use it
c
cool-scientist-25110
06/08/2023, 4:10 PMright, I see that in the instructions
151 Views