Skip to content
/ keycloak-http-auth Public

Validate auth and enforce ACLs for HTTP-based Keycloak token requests. Ideal for answering nginx auth requests.

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

WIPACrepo/keycloak-http-auth

BranchesTags

Repository files navigation

keycloak-http-auth

Validate auth and enforce ACLs for HTTP-based Keycloak token requests. Ideal for answering nginx auth requests.

Because this is meant for non-interactive use, failures only return 403.

On success, these http headers are returned:

  • REMOTE_USER: the posix.username or upn or preferred_username in the token (required)
  • X_UID: the posix.uid in the token (optional)
  • X_GID: the posix.gid in the token (optional)

UID and GID are useful for POSIX filesystem access, for example https://unix.stackexchange.com/a/489744.

Configuration

Primary configuration is via environment variables:

  • ISSUERS: the issuers, comma-separated
  • AUDIENCE: the audience
  • BASE_PATH: the base path of the server, before any authorized paths in the token

About

Validate auth and enforce ACLs for HTTP-based Keycloak token requests. Ideal for answering nginx auth requests.

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

6 watching

Forks

0 forks
Report repository

Releases 13

v1.0.16 Latest
Apr 18, 2023
+ 12 releases

Packages

 
 
 

Contributors 2

  •  
  •  

Languages