SAML vs OIDC - SSO with Microsoft Entra ID #21703
I have been reading the documentation (https://argo-cd.readthedocs.io/en/stable/operator-manual/user-management/microsoft) to implement SSO using Microsoft Entra ID/Azure AD as an Identity provider, but as there are three options in the documentation, I am unsure as to which one is best to use. I feel like I should be using OpenID Connect/OIDC as that is the newer standard, but that will require us to maintain a client secret and ensure that it does not expire. For this reason, I feel like the SAML approach might be the better option, as it does not seem to have any expiring component. Can anyone expand or recommend which route it is best to go down?
Maybe @jagpreetstamber could help?
@joshwright10 OIDC is the best option; support for workload identity has been added recently, which will remove the requirement of using clientSecret. #21433