Bridging Clouds: TikTok's Blueprint for Unified OIDC Access on Multi-Cloud Kubernetes

Learn how TikTok developed a scalable, centralized OpenID Connect (OIDC) framework for managing access across multi-cloud Kubernetes environments in this technical conference talk. Explore their innovative solution using a reverse proxy approach that ensures seamless authentication and authorization across GKE, EKS, OKE, and on-premises clusters. Discover the architectural strategy that leverages Envoy for request handling and dynamic configuration with external authorization filters to accommodate diverse OIDC implementations. Gain insights into how TikTok identified and resolved OIDC discrepancies among different cloud providers to create a unified solution that simplifies Kubernetes access management while strengthening security and compliance across their global infrastructure.