Single Sign-On (SSO) for Confluent Control Center on Confluent Platform

SSO lets Control Center users authenticate once through an identity provider instead of maintaining separate Control Center credentials. You can enable SSO for Control Center to offload user and authentication management to a supported OpenID Connect (OIDC) identity provider. SSO also lets you enforce additional security controls, such as multi-factor authentication (MFA).

After enabling SSO for Control Center, your Control Center users go to the Control Center page and click Log in via SSO to sign in to Control Center using their SSO user credentials.

Considerations:

  • To enable SSO for Control Center in Confluent Platform, you must configure Control Center to use an OIDC identity provider.

  • To use SSO with Control Center your installation must use Confluent Platform version 7.5 or later.

Configuration methods

Choose the configuration method that fits your environment:

If you encounter issues enabling SSO, see Troubleshoot SSO for Control Center using OIDC on Confluent Platform.