Guard Azure AD/LDAP Insecure


Hi isn’t it insecure to host the token as a base64 encoded username:password in kubeconfig? Is there another way that we can authenticate without this encoded token?


In LDAP simple authentication, you have to provide username and password. That’s why guard use token as a base64 encoded username:password.

There is an another authentication mechanism called Kerberos in You can try that.