I built a demonstration using GoLang, JSON, bcrypt, http client, http server to model an actual IDP. This is a demonstration only; it really helped me setup/understand what’s happening in the RequestHeader.
OpenShift 4.10: Configuring a request header identity provider enables an external service to act as an identity provider where a X-Remote-User
header to identify the user’s identity.
This document outlines the flow using the haproxy and Apache Httpd already installed on the Bastion server as part of the installation process and a local Go Test IdP to demonstrate the feature.
The rough flow between OpenShift, the User and the Test IdP is:

My Code is available at https://github.com/prb112/openshift-auth-request-header