diff --git a/site/content/docs/architecture.md b/site/content/docs/architecture.md index 42c1e7fb..8181259c 100644 --- a/site/content/docs/architecture.md +++ b/site/content/docs/architecture.md @@ -11,10 +11,10 @@ clusters. Pinniped hopes to enable this access across a wide range of Kubernetes environments with zero configuration. This integration is composed of two parts. -One part, the supervisor, is a service which allows users +One part, the supervisor, is an OIDC server which allows users to authenticate with their external Identity Provider, -then issues its own federation id tokens based on the information from the external -Identity Provider's token. +then issues its own federation id tokens to be passed on to clusters +based on the information from the external Identity Provider's token. The other, the concierge, is a credential exchange API which takes as input a token (from the supervisor or elsewhere), and returns a credential which is understood by the host Kubernetes cluster. diff --git a/site/content/docs/concierge-only-demo.md b/site/content/docs/concierge-only-demo.md index 0f0b6209..0bfa7b69 100644 --- a/site/content/docs/concierge-only-demo.md +++ b/site/content/docs/concierge-only-demo.md @@ -13,9 +13,9 @@ cascade: Don't have a cluster handy? Consider using [kind](https://kind.sigs.k8s.io/) on your local machine. See below for an example of using kind. -1. An identity provider of a type supported by Pinniped as described in [architecture](/docs/architecture). +1. An authenticator of a type supported by Pinniped as described in [architecture](/docs/architecture). - Don't have an identity provider of a type supported by Pinniped handy? No problem, there is a demo identity provider + Don't have an authenticator of a type supported by Pinniped handy? No problem, there is a demo authenticator available. Start by installing local-user-authenticator on the same cluster where you would like to try Pinniped by following the directions in [deploy/local-user-authenticator/README.md](https://github.com/vmware-tanzu/pinniped/blob/main/deploy/local-user-authenticator/README.md). See below for an example of deploying this on kind. @@ -77,7 +77,7 @@ as the identity provider. ```bash # Example of manually choosing a release version... - pinniped_version=v0.2.0 + pinniped_version=v0.3.0 ``` 1. Deploy the local-user-authenticator app. This is a demo identity provider. In production, you would use your diff --git a/site/content/docs/demo.md b/site/content/docs/demo.md index 54dd97f0..53254385 100644 --- a/site/content/docs/demo.md +++ b/site/content/docs/demo.md @@ -5,5 +5,5 @@ cascade: --- # Trying Pinniped -1. [Concierge demo](/docs/concierge-only-demo) -1. [Supervisor and Concierge demo](/docs/concierge-and-supervisor-demo) +1. [Concierge with webhook demo](/docs/concierge-only-demo) +1. [Concierge with supervisor and JWTAuthenticator demo](/docs/concierge-and-supervisor-demo)