mirror of
https://github.com/lukaszraczylo/traefikoidc.git
synced 2026-06-05 22:44:17 +00:00
32 lines
1.2 KiB
YAML
32 lines
1.2 KiB
YAML
displayName: Traefik OIDC
|
|
type: middleware
|
|
|
|
import: github.com/lukaszraczylo/traefikoidc
|
|
|
|
summary: |
|
|
Middleware adding OIDC authentication to traefik routes. Does what it says on the tin.
|
|
Middleware has been tested with Auth0 and Logto. It should work with any OIDC provider.
|
|
|
|
testData:
|
|
providerURL: https://accounts.google.com
|
|
clientID: 1234567890.apps.googleusercontent.com
|
|
clientSecret: secret
|
|
callbackURL: /oauth2/callback
|
|
logoutURL: /oauth2/logout
|
|
postLogoutRedirectURI: /oidc/different-logout # If not provided it will redirect to the "/" URL
|
|
scopes: # If not provided, default scopes will be used (openid, email, profile)
|
|
- openid
|
|
- email
|
|
- profile
|
|
allowedUserDomains: # If not provided - will rely entirely on the OIDC yes/no
|
|
- raczylo.com
|
|
allowedRolesAndGroups:
|
|
- guest-endpoints
|
|
sessionEncryptionKey: potato-secret-is-at-least-32-bytes-long
|
|
forceHTTPS: false
|
|
logLevel: debug # debug, info, warn, error
|
|
rateLimit: 100 # Simple rate limiter to prevent brute force attacks
|
|
excludedURLs: # Determines the list of URLs which are NOT a subject to authentication
|
|
- /login # covers /login, /login/me, /login/reminder etc.
|
|
- /my-public-data
|