starred/holos
1
0
Fork 0
mirror of https://github.com/holos-run/holos.git synced 2026-03-20 09:15:02 +00:00
Code Issues Packages Projects Releases 10 Wiki Activity
Files
c53b6828521bf6dd4154d796f606dc97afb9816e
holos/docs/examples/platforms/reference
History
Jeff McCune c53b682852 (#66) Use x-oidc-id-token instead of authorization header 
Problem:
Backend services and web apps expect to place their own credentials into
the Authorization header.  oauth2-proxy writes over the authorization
header creating a conflict.

Solution:
Use the alpha configuration to place the id token into the
x-oidc-id-token header and configure the service mesh to authenticate
requests that have this header in place.

Note: ZITADEL does not use a JWT for an access token, unlike Keycloak
and Dex.  The access token is not compatible with a
RequestAuthentication jwt rule so we must use the id token.
2024-03-31 11:41:23 -07:00
..
clusters
(#66) Configure an ExtAuthzProxy provider for each project stage
2024-03-30 11:28:23 -07:00
certificates.cue
(#48) Zitadel Backups
2024-03-10 16:38:56 -07:00
meshconfig.cue
(#66) configure auth proxies to set Authorization: Bearer header
2024-03-30 16:15:27 -07:00
namespaces.cue
(#53) Add Vault as an optional service on the core clusters
2024-03-12 17:18:38 -07:00
platform_projects.cue
(#66) Use x-oidc-id-token instead of authorization header
2024-03-31 11:41:23 -07:00
project_constraints.cue
(#64) Manage one system namespace per project
2024-03-26 12:23:01 -07:00