Authentication in ChaosCenter
Prerequisites​
ChaosCenter allows OAuth as well as local authentication using Dex and the authentication server.
Authentication architecture​
Litmus portal uses two components for authentication of users:
- Authentication Server
- Dex OIDC Server (Optional)
By default litmus-portal comes with then authentication server as part of the litmusportal-server deployment and it allows local authentication that is based of mongo database. Client services such as litmusctl and litmusportal-frontend make use of this server.
In order to provide enhanced and seamless login features, we wanted to integrate OAuth and other authentication mechanisms such as OpenID connect. To have flexibility, litmus-portal makes use of an additional component, Dex OIDC server.
Dex is a highly extensible cloud-native OIDC provider that is able to take care of various authentication mechanisms. With Dex being deployed, the authentication-server can communicate with the dex-server which enables the integration of various OAuth providers. GitHub and Google auth has been tested at present.