Skip to content

OpenID Connect (OIDC) & OAuth 2 API Server used to secure Kubernetes Ingress

License

Notifications You must be signed in to change notification settings

IvanJosipovic/OIDC-Guard

Repository files navigation

Logo

codecov GitHub Artifact Hub

OpenID Connect (OIDC) & OAuth 2 API Server used to secure Kubernetes Ingress

What is this?

This project is an API server which is used along with Ingress Controllers that support External Authentication and enables per Ingress customizable JWT validation with Cookie support for Web Applications.

Ingress Controller JWT Cookie
Nginx Ingress X X
Traefik X X

Features

  • Per Ingress JWT Validation
    • A single instance of oidc-guard can protect a whole cluster with configurable rules per Ingress
  • Cookie Auth for Web Applications
    • Returns an encrypted cookie which will be stored in the browser and sent on subsequent requests to pass through AuthN/AuthZ
  • JWT Auth for APIs
    • Requests with a Bearer token in the Authorization header will be validated
    • Supports loading JSON Web Key Set (JWKS) from Url
    • Supports custom Authorization header
  • AMD64 and ARM64 support

Documentation

Go to Wiki