Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: provider support jwt authentication #5

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

feat: provider support jwt authentication #5

wants to merge 2 commits into from

Conversation

Gilles-Marco
Copy link

Description of my issue / environment

I don't use the litellm master key to authenticate to my litellm instance.

I authenticate against an identity provider, giving me an JWT that it used as the api_token.

This IdP token can be read, validated and give me admin permission to my litellm instance.

The change I made

The change adds attributes to the litellm provider and make optionnal the api token.
These added attributes are used to do an HTTP Post request against the identity provider to get an access token
And this access token is then passed as the api_token.

I let the attribute request_header and request_payload widly configurable because depending on the IdP the request payload and header are not the same, to retrieve an access_token.

Example litellm terraform provider

provider "litellm"{
  
  jwt_token_endpoint = "https://<my-identity-provider-hostname>/token"
  jwt_request_header = {
    "Content-Type" = "application/x-www-form-urlencoded"
  }
  jwt_request_payload = {
    client_id = "<Client ID registered in the IdP>"
    client_secret = "<Client secret given by the IdP when the client was registered>"
    scope = "<scope used by litellm to identity the token as admin>"
    grant_type = "client_credentials" 
  }
  api_base_url = "https://<my-litellm-api-base-endpoint>"
}

I tested it, I created an example model and it worked.

To replicate my environment you could use keykloak

@gzamboni gzamboni self-requested a review November 20, 2024 21:43
gzamboni
gzamboni requested changes Nov 20, 2024
View reviewed changes
Copy link
Owner

@gzamboni gzamboni left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Awesome work! Ty so much.
There is only one problem here, there is no terraform documentation for all new things you implemented, hashicorp requires documentation that follows their standards.
You can see in /docs, /examples and https://developer.hashicorp.com/terraform/registry/providers/docs

without this, we cannot publish this code in the terraform official registry

@Gilles-Marco
Copy link
Author

Hello, thanks you for the review.

I started to work on the documentation of my works.

I moved the existing documentation to /templates and templatize it because when running tfplugindocs generate it overwrote your's manually written content.

@Gilles-Marco
Copy link
Author

Done adding the example and description for each PR i had done. Let me know if you want more details on some parts.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gzamboni gzamboni gzamboni requested changes

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Gilles-Marco @gzamboni