OIDC settings in Helm

You can also persist the OIDC sessions in a Redis instance by configuring Helm values.

Configure OIDC values in your Gloo Mesh Enterprise deployment link

You can configure the OIDC values for the Gloo UI when you install Gloo Mesh Enterprise via Helm. This way, when you manage your releases through the helm upgrade process, your Dashboard custom resource settings are kept.

1. Follow the steps in the get started guide to install Gloo Mesh Enterprise. During the installation, specify the following settings in your Helm values file, alongside your other settings. For more information about the OIDC settings, see the API reference.

     glooUi:
     enabled: true
     auth:
       enabled: true
       backend: oidc
       oidc:
         clientId: # From the OIDC provider
         clientSecret: # From the OIDC provider. Stored in a secret that you created in advance in the same namespace as the Gloo UI. In this example, the secret's name is 'dashboard'.
         clientSecretName: dashboard
         issuerUrl: # The URL to connect to the OpenID Connect identity provider, often in the format 'https://<domain>.<provider_url>/'.
         appUrl: # The URL that the Gloo UI is exposed at, such as 'https://localhost:8090'.
     

2. Optional: Add a stanza to store UI sessions in Redis.

Store UI sessions in Redis link

By default, Gloo UI sessions are persisted by storing the OIDC ID tokens in encrypted browser cookies. If the ID tokens are too large to be stored in cookies, you can configure the UI to use a Redis instance instead.

You can deploy a Redis instance with the Gloo Mesh Enterprise Helm chart, or use your own Redis deployment.

Add the following values into the Helm values file with your OIDC details that you created in the previous section. For more information, refer to the Backing databases for Gloo UI guide.

  glooUi:
  enabled: true
  auth:
    oidc:
      session:
        backend: redis
        redis:
          host: redis-dashboard.gloo-mesh.svc.cluster.local:6379 # Point to the Redis instance. This example is for the Gloo Mesh Enterprise installed Redis. Update to your own as needed.