Announcement
OAuth2 Proxy - Secure Your Applications with Multiple Identity Providers
A reverse proxy that provides authentication with Google, Azure, OpenID Connect and many more identity providers. Secure your applications and APIs easily.
Project Introduction
Summary
This project is an open-source reverse proxy and authentication middleware that allows you to secure websites, services, and APIs using popular identity providers (IDPs). It simplifies implementing authentication, authorization, and single sign-on (SSO).
Problem Solved
Building robust and secure authentication handling into every application is complex and time-consuming. This project provides a centralized, configurable reverse proxy solution to offload this responsibility.
Core Features
Multiple Identity Provider Support
Supports a wide range of identity providers including Google, Azure AD, Keycloak, Okta, and generic OIDC/OAuth2 providers.
Application & API Protection
Protects web applications and APIs by handling authentication before forwarding requests to the upstream service.
User Information Passthrough
Provides user identity information to upstream applications via request headers.
Flexible Deployment Options
Can be deployed easily in various environments, including Kubernetes.
Tech Stack
Use Cases
The proxy can be used in various scenarios to add an authentication layer in front of services that lack built-in support or require standardization.
Protecting Internal Web Applications
Details
Place the proxy in front of internal web applications (e.g., dashboards, wikis) to enforce corporate login via Google Workspace, Azure AD, etc.
User Value
Centralizes authentication, enhances security, and provides SSO for users accessing internal tools.
Securing API Gateways
Details
Use the proxy with an API Gateway to secure API endpoints, ensuring only authenticated users can access backend services.
User Value
Adds a robust authentication layer to APIs without requiring changes to the API microservices themselves.
Authentication for Kubernetes Services
Details
Integrate the proxy with Kubernetes Ingress controllers (like Nginx or Traefik) to secure services running in containers.
User Value
Provides seamless integration with cloud-native environments for securing containerized applications.
Recommended Projects
You might be interested in these projects
ForceuGokapi
Gokapi is a lightweight, self-hosted alternative to Firefox Send, designed for private file sharing without public upload capabilities. It offers robust support for AWS S3 storage.
horsicqDetect-It-Easy
A powerful open-source tool designed to simplify and automate a common, complex technical task, boosting productivity and reducing errors.
libjpeg-turbolibjpeg-turbo
libjpeg-turbo is a high-speed, high-quality JPEG codec that uses SIMD instructions (SSE2, AVX2, NEON, AltiVec) to accelerate JPEG compression and decompression. It is API and ABI compatible with the original IJG (Independent JPEG Group) libjpeg, making it a drop-in replacement for performance-critical applications.