I have a question regarding programmatic access to LakeFS.
I want users to be able to authenticate to LakeFS with python by utilizing OpenID connect and the specified claim name. My case here is that I would prefer that users do not create their own generated credentials, but instead get temporary credentials when they are calling a function. I am unable to find anything in the documentation, so any help is appreciated!
As a reference, I want to be able to implement a flow similar to what is available in MinIO.
11/06/2023, 1:10 PM
Hi @Andreas Fred-Ojala,
Welcome and thanks for your question :)
Unfortunately this is not supported. OIDC is supported in lakeFS cloud through the UI.
We understand your requirement and we'll discuss it with that in mind.
11/06/2023, 1:24 PM
OIDC is supported on the enterprise edition as well from what I could see :D (unfortunately we cannot go towards the cloud...).
Lets say that we go on the enterprise edition, would it be possible to recieve temporary credentials (programmatically) from the OIDC provider?
And thanks for your time! 🙂
11/06/2023, 2:48 PM
Hey @Andreas Fred-Ojala! - temporary (STS-like) token are currently in development, targeting both lakeFS Cloud and lakeFS Enterprise. I'd be happy to jump on a quick call to make sure it fits your needs and discuss specifics
11/06/2023, 3:05 PM
Unfortunately, I can’t today. But tomorrow works for me. Send me a DM so we can sync if you’d like