You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature request related to a problem? Please describe.
We have several cli applications that communicate over HTTP, and we would love to use pomerium for these as pomerium provides loads of logging, auditing, AAA, and also allows for injection of mTLS and headers. It is amazing and we love it!
One of the features I recently learned about was the "programmatic access" function of pomerium whereby you can add a specific Authorization header and it will authenticate past pomerium for non browser environments. This is exactly what we need! But unfortunately these CLI applications only allow certain things to be added (for example they allow for a basic auth username and password to be supplied). Would it be possible to also allow for "basic auth" to be used instead of just the
"Authorization: Pomerium a.real.jwt"
For example the username could be a static "pomerium" and the password could be the JWT. This is also how some other sites do it with API keys (i.e. the API key is the password of a basic auth and the username is some static thing like "api")
Describe alternatives you've considered
We thought about writing our own proxy but I think it would be nicer to have in Pomerium itself
Explain any additional use-cases
Basically, for "legacy" or static applications that do not support adding any additional headers past basic auth (as basic auth is very well adopted)
Additional context
Add any other context or screenshots about the feature request here.
The text was updated successfully, but these errors were encountered:
Is your feature request related to a problem? Please describe.
We have several cli applications that communicate over HTTP, and we would love to use pomerium for these as pomerium provides loads of logging, auditing, AAA, and also allows for injection of mTLS and headers. It is amazing and we love it!
One of the features I recently learned about was the "programmatic access" function of pomerium whereby you can add a specific Authorization header and it will authenticate past pomerium for non browser environments. This is exactly what we need! But unfortunately these CLI applications only allow certain things to be added (for example they allow for a basic auth username and password to be supplied). Would it be possible to also allow for "basic auth" to be used instead of just the
"Authorization: Pomerium a.real.jwt"
For example the username could be a static "pomerium" and the password could be the JWT. This is also how some other sites do it with API keys (i.e. the API key is the password of a basic auth and the username is some static thing like "api")
Describe alternatives you've considered
We thought about writing our own proxy but I think it would be nicer to have in Pomerium itself
Explain any additional use-cases
Basically, for "legacy" or static applications that do not support adding any additional headers past basic auth (as basic auth is very well adopted)
Additional context
Add any other context or screenshots about the feature request here.
The text was updated successfully, but these errors were encountered: