https://github.com/ivanjosipovic/oidc-guard
OpenID Connect (OIDC) & OAuth 2 API Server used to secure Kubernetes Ingress
https://github.com/ivanjosipovic/oidc-guard
api cookie ingress ingress-nginx jwt jwt-validation kubernetes nginx oauth2 oidc pre-authentication traefik webapp
Last synced: about 2 months ago
JSON representation
OpenID Connect (OIDC) & OAuth 2 API Server used to secure Kubernetes Ingress
- Host: GitHub
- URL: https://github.com/ivanjosipovic/oidc-guard
- Owner: IvanJosipovic
- License: mit
- Created: 2023-06-11T03:14:44.000Z (almost 2 years ago)
- Default Branch: main
- Last Pushed: 2025-03-19T17:17:18.000Z (about 2 months ago)
- Last Synced: 2025-03-19T21:09:20.078Z (about 2 months ago)
- Topics: api, cookie, ingress, ingress-nginx, jwt, jwt-validation, kubernetes, nginx, oauth2, oidc, pre-authentication, traefik, webapp
- Language: C#
- Homepage:
- Size: 590 KB
- Stars: 46
- Watchers: 1
- Forks: 3
- Open Issues: 8
-
Metadata Files:
- Readme: README.md
- Funding: .github/FUNDING.yml
- License: LICENSE
Awesome Lists containing this project
README

[](https://codecov.io/gh/IvanJosipovic/OIDC-Guard)
[](https://github.com/IvanJosipovic/oidc-guard)
[](https://artifacthub.io/packages/helm/oidc-guard/oidc-guard)
OpenID Connect (OIDC) & OAuth 2 API Server used to secure Kubernetes Ingress
## What is this?
This project is an API server which is used along with Ingress Controllers that support External Authentication and enables per Ingress customizable JWT validation with Cookie support for Web Applications.
| Ingress Controller | JWT | Cookie|
|---|---|---|
| Nginx Ingress | X | X |
| Traefik | X | X |## Features
- Per Ingress JWT Validation
- A single instance of oidc-guard can protect a whole cluster with configurable rules per Ingress
- Cookie Auth for Web Applications
- Returns an encrypted cookie which will be stored in the browser and sent on subsequent requests to pass through AuthN/AuthZ
- JWT Auth for APIs
- Requests with a Bearer token in the Authorization header will be validated
- Supports loading JSON Web Key Set (JWKS) from Url
- Supports custom Authorization header
- AMD64 and ARM64 support## Documentation
[Go to Wiki](https://github.com/IvanJosipovic/OIDC-Guard/wiki)