I was looking at headless authentication for flytekit/flytectl and came across the device flow auth https://github.com/flyteorg/flyte/issues/3484, which looks like it has already been implemented, but is not really documented in the auth setup or flytectl help. I'd be happy to work on improving the documentation, but I wanted to check that this flow is complete / supported.
09/28/2023, 7:10 AM
I believe it is! Please go ahead and create a PR. Thank you!
cc @David Espejo (he/him)
09/28/2023, 7:42 AM
We use it in our production environment with Auth0 and it works, though we had to do a few things on our end to enable caching with Keyring + Auth0 OIDC scopes
Other IDPs probably don't need the same level of customisation that our solution required, or if you don't need the caching
I have a PR open for it if you want to help push changes to it
09/28/2023, 11:42 PM
Thanks, thats good to know @Tommy Nam. Would you mind linking to your PR? I didn't see it looking through github
09/29/2023, 4:22 AM
It's quite out of date compared to the main branch and there's probably a need to separate some of the additions into separate PRs for git cleanliness' sake as well as general refactoring, but here is the general idea. We're working on getting things up to PR standards once our workload decreases but this is what we have for now
Feel free to grab what code you want, though we would ask for some consideration for credits if you do end up pushing some feature PRs into main in the future
09/29/2023, 8:53 PM
Of course i'd be happy to. Thanks for the info Tommy!