Skip to content

OIDC - Support Policy per path (location block) #4666

New issue
New issue
Closed as not planned
Epic
Closed as not planned
OIDC - Support Policy per path (location block)#4666
Epic
Labels
backlogPull requests/issues that are backlog itemsstalePull requests/issues with no activity
@brianehlert

Description

@brianehlert
brianehlert
opened on Nov 16, 2023

The OIDC Policy can currently be associated with a VirutalServer but not with a VirtualServerRoute. If a user attempts to have a different OIDC Policy per location they are blocked by business logic and a message informing them this is not possible.

Counter this experience with the OIDC implementation with NGINX where different locations can have different IdPs.
This is the experience customers are seeking with NIC. The ability to have multiple OIDC policies and those can be associated with individual paths.
For reference, this is possible today with the JWT Policy.

AC:

  • unlock the ability to assign OIDC Policy uniquely per path
  • update the OIDC implementation to enable this use case
  • continue to support the OIDC customization options customers enjoy today
  • How NGINX conf is supposed to look

Metadata

Metadata

Assignees

No one assigned

    Labels

    backlogPull requests/issues that are backlog itemsstalePull requests/issues with no activity

    Type

    Projects

    NGINX Ingress Controller

    Status

    Done 🚀

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions