I am looking for information on whether AM can be used as an OIDC Identity Provider for Kubernetes API authentication (id_token JWT). While I could find documentation on CoreOS Dex, Tremolo OpenUnison and Keycloak, there is no [google] documented information on the use of ForgeRock AM.
As per the documentation, for an identity provider to work with Kubernetes it must:
Support OpenID connect discovery; not all do.
Run in TLS with non-obsolete ciphers
Have a CA signed certificate (even if the CA is not a commercial CA or is self signed)
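
An added example, not part of the original post: an offline check of a provider's OpenID Connect discovery document against what the API server expects from discovery. The host name, paths and sample document are constructed placeholders (not real ForgeRock AM endpoints), and the `signing_algs` default assumes the API server's default of RS256.

```python
import json
from urllib.parse import urlparse

# Constructed sample discovery document; host and paths are placeholders.
SAMPLE_DISCOVERY = json.loads("""
{
  "issuer": "https://am.example.com/oauth2",
  "authorization_endpoint": "https://am.example.com/oauth2/authorize",
  "jwks_uri": "https://am.example.com/oauth2/jwks",
  "response_types_supported": ["code", "id_token"],
  "subject_types_supported": ["public"],
  "id_token_signing_alg_values_supported": ["RS256", "ES256"]
}
""")


def discovery_url(issuer_url):
    """URL fetched for discovery: issuer + /.well-known/openid-configuration."""
    return issuer_url.rstrip("/") + "/.well-known/openid-configuration"


def check_discovery(issuer_url, doc, signing_algs=("RS256",)):
    """Return a list of problems; an empty list means the document looks usable."""
    problems = []
    # The issuer URL given to the API server must be served over TLS.
    if urlparse(issuer_url).scheme != "https":
        problems.append("issuer URL must use https")
    # The "issuer" claim must equal the configured URL exactly
    # (a trailing slash on one side only is a mismatch).
    if doc.get("issuer") != issuer_url:
        problems.append("issuer mismatch: %r != %r" % (doc.get("issuer"), issuer_url))
    # Signing keys are fetched from jwks_uri; require TLS there as well.
    if urlparse(doc.get("jwks_uri", "")).scheme != "https":
        problems.append("jwks_uri missing or not https")
    # At least one offered id_token signing algorithm must be accepted.
    offered = set(doc.get("id_token_signing_alg_values_supported", []))
    if not offered & set(signing_algs):
        problems.append("no accepted id_token signing algorithm offered")
    return problems


if __name__ == "__main__":
    issuer = "https://am.example.com/oauth2"  # placeholder issuer URL
    print(discovery_url(issuer))
    print(check_discovery(issuer, SAMPLE_DISCOVERY) or "discovery document OK")
```

The TLS cipher and certificate-chain requirements cannot be checked from the document alone; they need a live connection to the provider using the CA bundle the API server is configured with.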