I'm currently reading through the Dask Gateway installation docs. I notice that one can specify a custom authenticator, but there is no documentation on what its interface is or how to deploy it.
I am running an openid server provided by keycloak. I would like dask either to forward authentication to keycloak (best), or to accept tokens and verify them with keycloak. Are there some examples on an openid connect setup? Or general instructions/requirements for deploying custom authentication?
