https://github.com/safing/tlsauth
Traefik plugin to authenticate users on their TLS client certificate.
https://github.com/safing/tlsauth
traefik-plugin
Last synced: 4 months ago
JSON representation
Traefik plugin to authenticate users on their TLS client certificate.
- Host: GitHub
- URL: https://github.com/safing/tlsauth
- Owner: safing
- License: mit
- Created: 2022-12-22T21:07:19.000Z (over 3 years ago)
- Default Branch: master
- Last Pushed: 2022-12-22T21:36:29.000Z (over 3 years ago)
- Last Synced: 2025-12-01T01:50:58.038Z (7 months ago)
- Topics: traefik-plugin
- Language: Go
- Homepage:
- Size: 28.3 KB
- Stars: 7
- Watchers: 3
- Forks: 3
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# TLS Client Cert Authentication Traefik Plugin
Traefik plugin to authenticate users based on the Common Name, DNS Names and Email Addresses of their TLS client certificate. Optionally add the username as a request header for the upstream service.
### Config
- Users
- key/value map of CN/DNSName/EmailAddress of the TLS client certificate mapped to a username
- only users in this map will be allowed, all others denied
- UsernameHeader
- set to a header to include the username in upstream requests
```
type Config struct {
Users map[string]string
UsernameHeader string
}
```