Identity Platform
- Identity Charmers | bundle
| Channel | Revision | Published |
|---|---|---|
| latest/edge | 39 | 14 Jan 2025 |
| istio/edge | 38 | 12 Jan 2025 |
| 0.3/edge | 32 | 20 Sep 2024 |
| 0.2/edge | 25 | 09 May 2024 |
| 0.1/edge | 17 | 25 Apr 2024 |
juju deploy identity-platform --channel edge
Deploy Kubernetes operators easily with Juju, the Universal Operator Lifecycle Manager. Need a Kubernetes cluster? Install MicroK8s to create a full CNCF-certified Kubernetes system in under 60 seconds.
Platform:
-
cpu | string
K8s cpu resource limit, e.g. "1" or "500m". Default is unset (no limit). This value is used for the "limits" portion of the resource requirements (the "requests" portion is automatically deduced from it). See https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
-
default_identity_schema_id | string
The default identity schema id, this option only works when `identity_schemas` is defined
-
dev | boolean
Run Kratos on dev mode, it is needed if HTTPS is not set up. This should only be used for development purposes.
-
enable_local_idp | boolean
Default: True
Enable Kratos Identity Provider
-
enable_oidc_webauthn_sequencing | boolean
Enforce setting up a WebAuthn key (e.g. with YubiKey or Google Password Manager on Android) after signing in with an external identity provider. Requires `enable_passwordless_login_method=False`. WARNING: Do not enable this option unless you are sure that this feature applies to your deployment.
-
enable_passwordless_login_method | boolean
Enable passwordless authentication via webauthn. Requires `enable_local_idp=True`.
-
enforce_mfa | boolean
Default: True
Enforce users to set up and use multi factor authentication. Disabling this option will allow users to log in with password or webauthn without completing 2fa.
-
http_proxy | string
URL of the HTTP proxy eg http://proxy.internal:6666, it will set the HTTP_PROXY var in the workload environment
-
https_proxy | string
URL of the HTTPS proxy eg http://proxy.internal:6666, it will set the HTTPS_PROXY var in the workload environment
-
identity_schemas | string
A mapping of schema_id to identity schemas. For example: { "user_v0": { "$id": "https://schemas.ory.sh/presets/kratos/quickstart/email-password/identity.schema.json", "$schema": "http://json-schema.org/draft-07/schema#", "title": "Person", "type": "object", "properties": { "traits": { "type": "object", "properties": { "email": { "type": "string", "format": "email", "title": "E-Mail", "minLength": 3, "ory.sh/kratos": { "verification": { "via": "email" } } }, "name": { "type": "string" } } }, "additionalProperties": true } } }
-
log_level | string
Default: info
The verbosity of logs produced by Kratos. Available values are: panic, fatal, error, warn, info, debug, and trace.
-
memory | string
K8s memory resource limit, e.g. "1Gi". Default is unset (no limit). This value is used for the "limits" portion of the resource requirements (the "requests" portion is automatically deduced from it). See https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
-
no_proxy | string
Domains that need to be excluded from proxying no_proxy="test.com,test.co.uk", it is a comma separate list
-
recovery_email_template | string
The custom html template used to send emails with recovery codes. For example: Hi, Please enter the following code to recover your account: {{ .RecoveryCode }}