Skip to content

Identity

Responsibility

Issues and validates identity tokens; manages users, groups, OAuth/OIDC providers, and API keys.

Inbound Authentication

  • admin endpoints require admin-scoped auth
  • token issue endpoints validate credentials/provider flow

Outbound Authentication

  • OAuth/OIDC calls to external identity providers (Google/Authentik)

Key Config

  • JWT secret/issuer/audience
  • OAuth/OIDC provider client settings

Health

  • GET /healthz
  • GET /readyz