Our great sponsors
-
oauth2-proxy
A reverse proxy that provides authentication with Google, Azure, OpenID Connect and many more identity providers.
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
We use oauth2-proxy for that purpose. You can set it up as a direct proxy, which works like a reverse-proxy with authentication, but you could also set it up as an authentication on the side that Nginx refers to it for authentication, and then redirects to your app when it's present.
This one tries to provide a general idea of how to configure the API server to use OIDC instead of relying on a proxy. https://github.com/project-octal/terraform-kubernetes-api-oidc-auth