Question 1

How do I set up Dex for Kubernetes authentication?

Accepted Answer

Deploy Dex on Kubernetes using Custom Resource Definitions, then configure the API server's OIDC plugin to point to Dex. Use clients like kubelogin to handle token flow, as detailed in the official Kubernetes guide.

Question 2

Dex vs Keycloak: which is better for OIDC?

Accepted Answer

Dex is lighter and focused on being an OIDC bridge with deep Kubernetes integration, ideal for federating multiple backends. Keycloak offers a full IAM suite with UI and more features, better for comprehensive identity management.

Question 3

Does Dex support multi-factor authentication?

Accepted Answer

Dex does not natively implement MFA; it relies on upstream identity providers to handle additional factors. Check if your connector (e.g., LDAP or Google) supports MFA configurations.

Question 4

How to add a custom OAuth provider to Dex?

Accepted Answer

Use the alpha-stage OAuth 2.0 connector or implement a custom connector by following Dex's development guidelines, though this requires Go programming and understanding of the connector interface.

Question 5

Can Dex issue refresh tokens for SAML logins?

Accepted Answer

No, the SAML connector does not support refresh tokens due to protocol limitations, meaning offline access isn't possible for clients relying on SAML authentication through Dex.

Question 6

What are the performance impacts of using Dex?

Accepted Answer

Dex adds an extra proxy layer in the auth flow, which can introduce latency. However, it's designed for efficiency, and caching ID Tokens can help mitigate performance overhead in most scenarios.

Dex

What is Dex?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions