Add allowedAudience to flyte-core external auth deployment documentat…

…ion (#5124) * Add allowedAudience to flyte-core external auth deployment documentation Signed-off-by: Mark Waylonis <[email protected]> * Update auth_setup.rst Signed-off-by: Eduardo Apolinario <[email protected]> --------- Signed-off-by: Mark Waylonis <[email protected]> Signed-off-by: Eduardo Apolinario <[email protected]> Co-authored-by: Eduardo Apolinario <[email protected]>
flyteorg · Mar 3, 2025 · 0d1f7b0 · 0d1f7b0
1 parent 9178aaa
commit 0d1f7b0
Showing 1 changed file with 2 additions and 0 deletions.
diff --git a/docs/deployment/configuration/auth_setup.rst b/docs/deployment/configuration/auth_setup.rst
@@ -605,6 +605,8 @@ Follow the steps in this section to configure `flyteadmin` to use an external au
 
                # 2. Optional: Set external auth server baseUrl if different from OpenId baseUrl.
                externalAuthServer:
+               # Replace this with your deployment URL.  It will be used by flyteadmin to validate the token audience
+                 allowedAudience: https://<your-flyte-deployment-URL>
                # baseUrl: https://<keycloak-url>/auth/realms/<keycloak-realm> # Uncomment for Keycloak and update with your installation host and realm name
                # baseUrl: https://login.microsoftonline.com/<tenant-id>/v2.0 # Uncomment for Azure AD
                # For Okta, use the Issuer URI of the custom auth server: