Oracle Cloud
Spinnaker supports OAuth 2.0 for authentication with Oracle Cloud OAuth.
Configuring Oracle Cloud OAuth 2.0
Consult the Oracle Cloud Documentation to set up OAuth 2.0 and obtain a client ID and client secret.
Note: While registering the application in Oracle Cloud OAuth 2.0, application redirect URI that should be used is https://localhost:8084/login/oauth2/code/oracle
(For Spinnaker below v2025.2.0, it should be https://localhost:8084/login
)
Configure Halyard
You may configure Halyard either with the CLI or by manually editing the hal config.
Hal config
security:
authn:
oauth2:
enabled: true
client:
clientId: # client ID from above
clientSecret: # client secret from above
accessTokenUri: https://idcs-${idcsTenantId}.identity.oraclecloud.com/oauth2/v1/token
userAuthorizationUri: https://idcs-${idcsTenantId}.identity.oraclecloud.com/oauth2/v1/authorize
scope: openid,urn:opc:idm:__myscopes__ # for Spinnaker v2025.2.0 or below, it should be "openid urn:opc:idm:__myscopes__" without double quotes
resource:
userInfoUri: https://idcs-${idcsTenantId}.identity.oraclecloud.com/oauth2/v1/userinfo
# You may want to restrict access to your Spinnaker by adding
# userInfoRequirements to further restrict access beyond simply requiring
# that users have a valid account.
userInfoRequirements: {}
userInfoMapping:
email: ''
firstName: given_name
lastName: family_name
username: preferred_username
provider: ORACLE
CLI
hal config security authn oauth2 edit --provider oracle \
--client-id (client ID from above) \
--client-secret (client secret from above)
hal config security authn oauth2 enable
Last modified September 11, 2025: feat(OAuth2): Update Spinnaker documentation for OAuth property changes in Spring Security 5 (#503) (91e340e)