Chef Automate frontend UI would support user authentication via JWT.
Basically the idea would be that we could configure Chef Automate with;
1. trusted header name to look for a JWT
2. a trusted issuer of those JWTs via a standardized URL
The JWT includes "claims" (aka attributes) about the user. So we could then map those claims to the Chef Automate username and even Chef Automate teams the way SAML config does now.