Pachyderm Enterprise OIDC/Dex Authentication
Pachyderm
Enterprise authentication guide with sequence diagram
Sequence diagram as the primary teaching tool — OIDC authentication through Dex involves five actors, optional flows, and a precise callback sequence that's easy to misconfigure. The diagram was validated by engineers and covers the complete round-trip without simplifying it.
The situation
Enterprise customers needed to configure OIDC authentication via Dex for Pachyderm. The topic requires getting multiple moving parts right simultaneously — connector config format, Helm values, proxy integration, and user revocation.
The task
Build an enterprise authentication guide that works for the setup case and the debugging case.
What I did
Used Auth0 as a concrete worked example while keeping the structure generalizable. Provided connector configuration in both JSON and YAML. Documented both Helm and pachctl setup paths. Added explicit proxy-specific callouts for the new proxy architecture. Designed the sequence diagram covering the complete authentication round-trip — End User, Web Browser, Dex, OpenID Provider, and Pachd — including the optional authentication block and every callback.
What happened
The sequence diagram was validated by engineers — every step in the round-trip covered correctly, including the optional authentication block and all callbacks.
Enterprise authentication documentationOIDC/Dex architectureSequence diagram designSecurity protocol depth