Skip to content
/ keycloak-forward-auth Public

Adds a forward-auth endpoint to Keycloak that can be used with Traefik.

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

TwelveIterations/keycloak-forward-auth

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
.github/workflows
.github/workflows
 
 
gradle/wrapper
gradle/wrapper
 
 
src/main
src/main
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
build.gradle.kts
build.gradle.kts
 
 
gradle.properties
gradle.properties
 
 
gradlew
gradlew
 
 
gradlew.bat
gradlew.bat
 
 
settings.gradle.kts
settings.gradle.kts
 
 

Repository files navigation

Keycloak Forward Auth

This plugin adds a new forward-auth endpoint to Keycloak that can be used with Traefik's forward-auth middleware.

It works by checking for a special cookie to be present ({clientId}_forward_auth) and contain a valid access token for this client. If not, a redirect to the login page is performed, which will subsequently set said cookie after login. If the cookie already exists and is still valid, 204 NO CONTENT is returned and Traefik will let the request pass through the middleware.

Work in Progress

  • The plugin does not attempt to refresh access tokens currently, which means it will perform an unnecessary auth redirect when navigating after the access token expired. See ForwardAuthResource#refreshCookie.

About

Adds a forward-auth endpoint to Keycloak that can be used with Traefik.

Topics

keycloak-provider

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Languages