OpenID Connect (OIDC) & OAuth 2 API Server used to secure Kubernetes Ingress
This project is an API server which is used along with Ingress Controllers that support External Authentication and enables per Ingress customizable JWT validation with Cookie support for Web Applications.
Ingress Controller | JWT | Cookie |
---|---|---|
Nginx Ingress | X | X |
Traefik | X | X |
- Per Ingress JWT Validation
- A single instance of oidc-guard can protect a whole cluster with configurable rules per Ingress
- Cookie Auth for Web Applications
- Returns an encrypted cookie which will be stored in the browser and sent on subsequent requests to pass through AuthN/AuthZ
- JWT Auth for APIs
- Requests with a Bearer token in the Authorization header will be validated
- Supports loading JSON Web Key Set (JWKS) from Url
- Supports custom Authorization header
- AMD64 and ARM64 support