openshift-docs/authentication/external-auth.adoc

:_mod-docs-content-type: ASSEMBLY
[id="external-auth"]
= Enabling direct authentication with an external OIDC identity provider
include::_attributes/common-attributes.adoc[]
:context: external-auth

toc::[]

While the built-in OpenShift OAuth server supports integration with a variety of identity providers, including external OpenID Connect (OIDC) identity providers, it is limited to the capabilities of the OAuth server itself. You can configure {product-title} to use an external OIDC identity provider directly to issue tokens for authentication, which replaces the built-in OpenShift OAuth server.

// About direct authentication with an external OIDC identity provider
include::modules/external-auth-about.adoc[leveloffset=+1]

// Disabled OAuth resources
include::modules/external-auth-disabled-resources.adoc[leveloffset=+2]

// Direct authentication identity providers
include::modules/external-auth-providers.adoc[leveloffset=+2]

// Configuring an external OIDC identity provider for direct authentication
include::modules/external-auth-configuring.adoc[leveloffset=+1]

// OIDC provider configuration parameters
include::modules/external-auth-fields.adoc[leveloffset=+2]

// Disabling direct authentication
include::modules/external-auth-disabling.adoc[leveloffset=+1]