I was looking at headless authentication for flyte...
# ask-the-communitym
Mark Waylonis
09/27/2023, 9:39 PMI was looking at headless authentication for flytekit/flytectl and came across the device flow auth https://github.com/flyteorg/flyte/issues/3484, which looks like it has already been implemented, but is not really documented in the auth setup or flytectl help. I'd be happy to work on improving the documentation, but I wanted to check that this flow is complete / supported.
s
Samhita Alla
09/28/2023, 7:10 AM
I believe it is! Please go ahead and create a PR. Thank you!
cc @David Espejo (he/him)
t
Tommy Nam
09/28/2023, 7:42 AM@Mark Waylonis
We use it in our production environment with Auth0 and it works, though we had to do a few things on our end to enable caching with Keyring + Auth0 OIDC scopes
Tommy Nam
09/28/2023, 7:43 AMOther IDPs probably don't need the same level of customisation that our solution required, or if you don't need the caching
I have a PR open for it if you want to help push changes to it
m
Mark Waylonis
09/28/2023, 11:42 PMThanks, thats good to know @Tommy Nam. Would you mind linking to your PR? I didn't see it looking through github
t
Tommy Nam
09/29/2023, 4:22 AM@Mark Waylonis
https://github.com/flyteorg/flytekit/pull/1805
It's quite out of date compared to the main branch and there's probably a need to separate some of the additions into separate PRs for git cleanliness' sake as well as general refactoring, but here is the general idea. We're working on getting things up to PR standards once our workload decreases but this is what we have for now
Feel free to grab what code you want, though we would ask for some consideration for credits if you do end up pushing some feature PRs into main in the future
m
Mark Waylonis
09/29/2023, 8:53 PMOf course i'd be happy to. Thanks for the info Tommy!