---
title: "Onboarding a K3S Cluster"
slug: "onboarding-a-k3s-cluster"
updated: 2026-04-15T05:03:23Z
published: 2026-04-29T10:51:57Z
---

> ## Documentation Index
> Fetch the complete documentation index at: https://docs.britive.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Onboarding a K3s Cluster

In this section, the steps involved in onboarding a K3s cluster to Britive.

## Britive configuration

1. Log in to Britive with administrator privileges.
2. Click **System admin** -> **Tenant Applications**.
3. From the **Tenant Applications** page, click on **Create Application.**
4. On the **Add Application** page, click the **Add (+)** sign next to the Kubernetes application.
5. In the **Application**tab, enter the following values:
  1. Enter the **Application Name**.
  2. Enter the **Application Description**, if required.
6. Click **Next**. The **Settings** tab is displayed.
7. Check the **Display programmatic access keys** to allow the user to copy the credentials to the clipboard after they check out programmatic access profiles. Users can only access the keys through CLI or scripts if the option is not selected.
8. **Profile Settings**: Configure the maximum session duration for profiles. You can select the duration between 15 minutes to 7 calendar days. This allows to setup expiration duration for each profile while creating/updating the profile up to this configured value. If existing profiles are created with more than 12 hours and the above setting is changed, then it cannot be lowered until all profiles are updated with a lower expiration duration.
9. Click **Save**.
10. Click the **Create Entity**button.
11. Enter the following details in the **Create Environment/Environment Group**page:
  1. Select **Environment** in the **Entity Type**.
  2. Enter **Entity Name**.
  3. Enter **Entity Description**.
  4. Click **Save**.
12. On the **Settings**tab, Britive automatically creates OIDC attributes to use when setting up the federation trust with the K3s cluster. You need to add these attributes to the cluster’s API server configuration in the following steps.
13. Enter the API Server endpoint in the **Kubernetes API Server URL**. Copy this URL from the K3s Admin portal.
14. Enter certificate authority information in the **Certificate (CA Cert)**. You can get the certificate authority information from the K3s admin portal. Typically, this would be the Base64 encoded string of the server *ca.crt* file.

## Cluster configuration

Set up the K3s cluster configuration with the following options. The OIDC information is provided within Britive on a per “environment” basis. You may store this configuration in the config.yaml file for the cluster and restart the service.

```none
kube-apiserver-arg:
- "oidc-issuer-url=<<from-britive-ui>>" 
- "oidc-client-id=<<from-britive-ui>>" 
- "oidc-username-claim=sub" 
- "oidc-groups-claim=groups"
```