User17108441232002774468 (Customer) asked a question.
Configure OpenID Connect in Okta to retrieve temporary credentials
Hi,
We would like to partially manage Okta via Terraform which is executed within Gitlab Pipelines. This requires a secure authentication method to Okta's API. For AWS and GCP we use OpenID Connect (example setup AWS: https://docs.gitlab.com/ee/ci/cloud_services/aws/) which utilizes Gitlab's ID tokens to retrieve access tokens. Is this kind of authentication flow possible with Okta (forgive me if there's an obvious answer, my Okta knowledge is limited)? If so, these are the main questions:
- What Okta features/resources should we know about when setting this up?
- How would we limit access to certain Gitlab groups/projects?
Hi @User17108441232002774468 (Customer) , thank you for contacting Okta Community!
I've reviewed our documentation for something relevant. It looks like your question is more appropriate for our dedicated Okta Developer Forum. I advise reaching out via devforum.okta.com as they will have more insight into this topic.
In the meantime, you can reference this article on OpenID Connect & OAuth 2.0 API.
While we'll do our best to answer your questions here, this medium is more inclined towards Okta's core products and features (non-developer work).
Regards.
--
Help others in the community by liking or hitting Select as Best if this response helped you.