From c9d54de91af73ba2455feb7ac59bbf76ed25427f Mon Sep 17 00:00:00 2001 From: Smeet nagda <81572407+smeet07@users.noreply.github.com> Date: Thu, 1 Jun 2023 22:25:24 +0530 Subject: [PATCH] backtick changes Co-authored-by: Ryan Richard --- site/content/docs/reference/supported-clusters.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/site/content/docs/reference/supported-clusters.md b/site/content/docs/reference/supported-clusters.md index 2811c093..1eff4385 100644 --- a/site/content/docs/reference/supported-clusters.md +++ b/site/content/docs/reference/supported-clusters.md @@ -38,5 +38,5 @@ token credential request API strategy by default. To choose the strategy to use with the concierge, use the `--concierge-mode` flag with `pinniped get kubeconfig`. Possible values are `ImpersonationProxy` and `TokenCredentialRequestAPI`. -Do not use the command line option `--anonymous-auth=false` in the `kube-apiserver` CLI for a cluster that does not use `impersonation proxy`. This is because the `kube-apiserver` blocks unauthenticated access to `TokenCredentialRequest` API of the Concierge. -This does not matter while using `impersonation proxy`, which will allow these TokenCredentialRequests requests anyway. +Do not use the command line option `--anonymous-auth=false` in the `kube-apiserver` CLI for a cluster that does not use the impersonation proxy strategy. This is because the `kube-apiserver` blocks unauthenticated access to the TokenCredentialRequest API of the Concierge, which will prevent users from being able to authenticate. +This does not matter while using the impersonation proxy strategy, which will allow these TokenCredentialRequests requests anyway.