Oauth2-proxy Alternatives
Similar projects and alternatives to oauth2-proxy
-
vouch-proxy
an SSO and OAuth / OIDC login solution for Nginx using the auth_request module
-
Keycloak
Open Source Identity and Access Management For Modern Applications and Services
-
SonarQube
Static code analysis for 29 languages.. Your projects are multi-language. So is SonarQube analysis. Find Bugs, Vulnerabilities, Security Hotspots, and Code Smells so you can release quality code every time. Get started analyzing your projects today for free.
-
-
traefik-forward-auth
Minimal forward authentication service that provides Google/OpenID oauth based login and authentication for the traefik reverse proxy
-
caddy-auth-portal
Authentication Plugin for Caddy v2 implementing Form-Based, Basic, Local, LDAP, OpenID Connect, OAuth 2.0 (Github, Google, Facebook, Okta, etc.), SAML Authentication. MFA with App Authenticators and Yubico.
-
-
-
Scout APM
Less time debugging, more time building. Scout APM allows you to find and fix performance issues with no hassle. Now with error monitoring and external services monitoring, Scout is a developer's best friend when it comes to application development.
-
docker-swag
Nginx webserver and reverse proxy with php support and a built-in Certbot (Let's Encrypt) client. It also contains fail2ban for intrusion prevention.
-
-
oidc
Easy to use OpenID Connect client and server library written for Go and certified by the OpenID Foundation
-
youtube-dl
Command-line program to download videos from YouTube.com and other video sites
-
cert-manager
Automatically provision and manage TLS certificates in Kubernetes
-
-
lua-resty-openidc
OpenID Connect Relying Party and OAuth 2.0 Resource Server implementation in Lua for NGINX / OpenResty
-
-
-
-
speedtest
Self-hosted Speedtest for HTML5 and more. Easy setup, examples, configurable, mobile friendly. Supports PHP, Node, Multiple servers, and more
-
awesome-tunneling
List of ngrok alternatives and other ngrok-like tunneling software and services. Focus on self-hosting.
-
home-ops
A mono repository for my home infrastructure and Kubernetes cluster which adheres to Infrastructure as Code (IaC) and GitOps practices where possible
oauth2-proxy reviews and mentions
-
FoundryVTT Keycloak login theme
FoundryVTT doesn't support any external authentication mechanisms as far as I know, so I'm using https://github.com/oauth2-proxy/oauth2-proxy in front of it. The docs there also describe which options to choose when setting up a client in your realm.
-
All in one app manager + app proxy
Not exactly what you're asking for, but I have a bunch of apps running in docker containers, only exposed on the local docker network, and Nginx running in another container, on the same network. Nginx is the only thing exposed to the Internet, and for each app, including Homer/Heimdall/whatever, I am securing it with oauth2-proxy. It took some time to figure out how to set things up, but now it is really easy to add a service and keep it secure.
-
Is my use case achievable ? (Frontend for rundeck)
Giving users access to exactly what they need, and nothing more is doable via Rundeck ACL polcies (though I've previously referred to rundeck acl policies as a level of hell, they do work, eventually). Assign permissions to groups, and then assign users to the groups that correspond with the permissions they need. If you can, consider using something like oauth2_proxy in front of rundeck in preauthenticated mode as this would let you create/manage groups in an existing system rather than dealing with creating users by hand in realms.properties.
-
Easily Serve Internal Documentation Behind OAuth Authentication
The site will be protected using GitHub sign-in by fronting it with Oauth2 Proxy
-
new selfhosted admin - i'm very confused about auth(entication|orization)
Note that you can gate app access behind an SSO provider, whether the app likes it or not, using a proxy like oauth-proxy. But that is a very brute force method of authentication: the app doesn't know it is happening and can't tell the difference between two users who use that gate. In a multi user environment that kinda sucks.
-
Log out link when using a reverse proxy to provide SSO
So, I have nginx as a reverse proxy in front of some self hosted (well, on a small vps at the moment) sites/apps, and am using oauth2-proxy (https://github.com/oauth2-proxy/oauth2-proxy) to provide SSO (Google login in this case) to some locations that don't support it on their own.
-
caddy v2.5.1 adds support for Authelia and other authentication providers
you can use oauth proxy in front a service to do a keycloak setup, and then optionally put caddy in front of oauth proxy.
- Reliable IP blacklist for state agencies
-
Help us build the best open source identity platform
In combination with proxies like https://github.com/oauth2-proxy/oauth2-proxy you can also make sure that nobody can access your services without a prior login.
-
Secure apps with Google auth
Currently I'm running Traefik with https://github.com/oauth2-proxy/oauth2-proxy but it has a minor issue which annoys me.. using Traefik it doesn't redirect back to the original request url but a 404 page (still creates the auth cookie so it works fine, just the UX is meh). It works fine with nginx but nginx had another set of issues for me.
-
Debugging a container with a sidecar running in Kubernetes using Gefyra
In this example, I am running an application server behind the OAuth2-Proxy (https://oauth2-proxy.github.io/oauth2-proxy/) using the Kubernetes sidecar pattern. The demo comes with an end-to-end OpenID Connect login flow on a local development machine, including Keycloak (https://www.keycloak.org/) as identity provider.
-
Otomi: Self-hosted PaaS for Kubernetes on Windows (minikube)
The latest version of Otomi, by default, installs a minimal set of apps, called the Core. The core offers an advanced ingress architecture based on Istio, Nginx ingress controller, Keycloak as IdP, OAuth2 Proxy, and cert-manager. With the web UI (Otomi Console) you can add services to the mesh and securely expose them with just one click. All other integrated apps are now optional and can be activated by dragging them into the enabled apps section.
-
Reverse Proxy Authentication (preferably docker image)
If you don't want to manage users and already have a google org/azure ad/... and want to re-use these logins, you can use something like https://github.com/oauth2-proxy/oauth2-proxy - just beware that some of these will just do authentication, no authorisation.
-
Discovered new tools.
Oauth2-proxy
-
Nginx auth_request and Keycloak?
For anything that doesn't implement SAML or OIDC for authentication then you'll need to leverage that auth_request directive. To the best of my knowledge as someone who runs Keycloak + Nginx, you need some interim layer that can handle the OIDC login redirect dance on behalf of Keycloak. That's where oauth2-proxy comes in. You don't need to replace nginx with oauth2-proxy. Instead, oauth2-proxy can be used as an auth_request endpoint. This is how I've set it up.
Stats
oauth2-proxy/oauth2-proxy is an open source project licensed under MIT License which is an OSI approved license.
Popular Comparisons
Are you hiring? Post a new remote job listing for free.