Kubernetes offers two distinct ways for clients that run within your cluster, or that otherwise have a relationship to your cluster's control plane to authenticate to the API server. A service account provides an identity for processes that run in a Pod, and maps to a ServiceAccount object. When you authenticate to the API server, you identify yourself as a particular user. Kubernetes recognises the concept of a user, however, Kubernetes itself does not have a User API.| Kubernetes
Learn what it takes to build a functions platform for multiple tenants based upon our experience and insights from customers| OpenFaaS - Serverless Functions Made Simple
OpenFaaS - Serverless Functions Made Simple| docs.openfaas.com
Learn how to set up fine-grained access control and Single Sign-On for OpenFaaS with OpenID Connect (OIDC)| OpenFaaS - Serverless Functions Made Simple
This specification defines a protocol for an HTTP- and JSON-based Security Token Service (STS) by defining how to request and obtain security tokens from OAuth 2.0 authorization servers, including security tokens employing impersonation and delegation.| www.rfc-editor.org