{
    "description": "Console holds cluster-wide configuration for the web console, including the logout URL, and reports the public URL of the console. The canonical name is `cluster`. \n Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).",
    "properties": {
        "apiVersion": {
            "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources",
            "type": "string"
        },
        "kind": {
            "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds",
            "type": "string"
        },
        "metadata": {
            "type": "object"
        },
        "spec": {
            "description": "spec holds user settable values for configuration",
            "properties": {
                "authentication": {
                    "description": "ConsoleAuthentication defines a list of optional configuration for console authentication.",
                    "properties": {
                        "logoutRedirect": {
                            "description": "An optional, absolute URL to redirect web browsers to after logging out of the console. If not specified, it will redirect to the default login page. This is required when using an identity provider that supports single sign-on (SSO) such as: - OpenID (Keycloak, Azure) - RequestHeader (GSSAPI, SSPI, SAML) - OAuth (GitHub, GitLab, Google) Logging out of the console will destroy the user's token. The logoutRedirect provides the user the option to perform single logout (SLO) through the identity provider to destroy their single sign-on session.",
                            "pattern": "^$|^((https):\\/\\/?)[^\\s()<>]+(?:\\([\\w\\d]+\\)|([^[:punct:]\\s]|\\/?))$",
                            "type": "string"
                        }
                    },
                    "type": "object",
                    "additionalProperties": false
                }
            },
            "type": "object",
            "additionalProperties": false
        },
        "status": {
            "description": "status holds observed values from the cluster. They may not be overridden.",
            "properties": {
                "consoleURL": {
                    "description": "The URL for the console. This will be derived from the host for the route that is created for the console.",
                    "type": "string"
                }
            },
            "type": "object",
            "additionalProperties": false
        }
    },
    "required": [
        "spec"
    ],
    "type": "object",
    "additionalProperties": false,
    "$schema": "http://json-schema.org/draft-04/schema#"
}