Skip to content

Deployment Identity Providers

Governance Platform deployment supports Auth0, Microsoft Entra ID, and Keycloak as the standard full-platform identity-provider choices.

Auth Service also supports generic OIDC at the service level. Use it only for reviewed deployments where EQTY support has confirmed the browser login, claim-mapping, membership, and worker-token behavior.

Each provider requires:

  • A browser application or client for Governance Studio.
  • A backend application or client for API token validation and token exchange.
  • Redirect URIs and allowed origins for the platform domain.
  • Management or admin credentials when user-management automation is enabled.
  • Service-account or machine-to-machine configuration when worker flows are enabled.

The deployment repository includes bootstrap charts and helper scripts for supported providers. Use the guide that matches the customer identity provider and cloud environment.

After installation, validate:

  • Browser login.
  • Token validation through Auth Service.
  • Organization and project membership.
  • API key creation for authorized users.
  • Service-account token retrieval when worker workflows are enabled.