Application user authentication

Posted on

When an application is deployed on OpenShift Container Platform(OCP) what is the best practice to authenticate the application user?

Should the application user have a corresponding user created with in the cluster using one of the identity provider such as OpenID Connect, Request header etc. and user OCP RBAC for authorization
OR
Should the application manage it's own user authentication and authorization?