DC/OS Open Source Security

Managing security in your datacenter using DC/OS Open Source

Ensure the network is setup according to the information for securing your cluster.

You can enable authentication in your datacenter with DC/OS oauth. Authentication is managed through the DC/OS web interface. The Admin Router enforces access control.

Out-of-the-box DC/OS has an OpenID Connect 1.0 endpoint at dcos.auth0.com (in cooperation with Auth0) with connections to Google, GitHub, and Microsoft to provide basic authentication for DC/OS installations. DC/OS automatically adds the first user that logs in to the DC/OS cluster.

DC/OS uses the JSON Web Token (JWT) format for its authentication tokens. JWT is an open, industry standard (RFC 7519) method for securely representing claims between two parties. JWTs are obtained using OpenID Connect 1.0, which is a simple identity layer built on top of the OAuth 2.0 protocol.

DC/OS OAuth provides an HTTP API for managing local users in a RESTful fashion.

Auth0 badge