Nginx auth_request and Keycloak?

• oauth2-proxy

  98 8,821 9.0 Go

  A reverse proxy that provides authentication with Google, Azure, OpenID Connect and many more identity providers.

  

For anything that doesn't implement SAML or OIDC for authentication then you'll need to leverage that auth_request directive. To the best of my knowledge as someone who runs Keycloak + Nginx, you need some interim layer that can handle the OIDC login redirect dance on behalf of Keycloak. That's where oauth2-proxy comes in. You don't need to replace nginx with oauth2-proxy. Instead, oauth2-proxy can be used as an auth_request endpoint. This is how I've set it up.

• keycloak-config-cli

  10 684 8.1 Java

  Import YAML/JSON-formatted configuration files into Keycloak - Configuration as Code for Keycloak.

  

If you do end up using a setup like this then I highly recommend that you look into https://github.com/adorsys/keycloak-config-cli. tl;dr You can export your realm configuration once set up and then use it to restore your system should you lose your keycloak data. It can also be used to provision users but you have to manually add them to the realm export because they are not included in an export for some reason. All the different objects it can manage are documented here: https://www.keycloak.org/docs-api/17.0/rest-api/index.html#_realmrepresentation.

• InfluxDB

  www.influxdata.com featured

  Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

  

• vouch-proxy

  48 2,770 3.2 Go

  an SSO and OAuth / OIDC login solution for Nginx using the auth_request module

  

You can't use keycloak direct with auth requests - you need an intermediary they can bridge the gap (or a custom build of Nginx, but that is a pain in the ass). I use Vouch Proxy: https://github.com/vouch/vouch-proxy

Suggest a related project