Skip to content

🧩 A traefik Plugin for securing the upstream service with OpenID Connect acting as a relying party.

License

Notifications You must be signed in to change notification settings

sevensolutions/traefik-oidc-auth

This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.

Folders and files

NameName
Last commit message
Last commit date

Latest commit

57e0def Β· Jan 18, 2025

History

81 Commits
May 11, 2024
Jan 8, 2025
Jan 8, 2025
Nov 17, 2024
Jan 18, 2025
Jan 4, 2025
Jan 8, 2025
Nov 11, 2024
Aug 9, 2024
Jan 3, 2025
Jan 8, 2025
Nov 17, 2024
Dec 14, 2024
Jan 6, 2025
Jan 6, 2025
Jan 6, 2025
Oct 25, 2024
Nov 17, 2024
Nov 17, 2024
Jan 6, 2025
Nov 17, 2024
Jan 8, 2025
May 11, 2024
Jan 5, 2025
Jan 6, 2025
Jan 6, 2025
Jan 8, 2025
Jan 6, 2025
Nov 17, 2024

Repository files navigation

Traefik OpenID Connect Middleware

Logo

A traefik Plugin for securing the upstream service with OpenID Connect acting as a relying party.

Note

This document always represents the latest version, which may not have been released yet. Therefore, some features may not be available currently but will be available soon. You can use the GIT-Tags to check individual versions.

Warning

This middleware is under active development and breaking changes may occur. It is only tested against traefik v3+.

Tested Providers

Provider Status Notes
ZITADEL βœ…
Kanidm βœ… See GH-12
Keycloak βœ…
Microsoft EntraID ⚠️ See GH-15
HashiCorp Vault ❌ See GH-13
Pocket ID βœ…

πŸ“š Documentation

Please see the full documentation HERE.

Note

The documentation is being built from the production branch, representing the latest released version. If you want to check the documentation of the main branch to see whats comming in the next version, see here.

πŸ§ͺ Local Development and Testing

Create the following .env file:

PROVIDER_URL=...
CLIENT_ID=...
CLIENT_SECRET=...

The run docker compose up to run traefik locally.

Now browse to http://localhost:9080. You should be redirected to your IDP. After you've logged in, you should be redirected back to http://localhost:9080 and see a WHOAMI page.