oauth2-proxy/docs/7.0.x/configuration/tls/index.html

<!doctype html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width,initial-scale=1">
<meta name="generator" content="Docusaurus v2.0.0-alpha.66">
<title data-react-helmet="true">TLS Configuration | OAuth2 Proxy</title><meta data-react-helmet="true" name="twitter:card" content="summary_large_image"><meta data-react-helmet="true" name="docusaurus_language" content="en"><meta data-react-helmet="true" name="docusaurus_version" content="7.0.x"><meta data-react-helmet="true" name="docusaurus_tag" content="docs-default-7.0.x"><meta data-react-helmet="true" property="og:title" content="TLS Configuration | OAuth2 Proxy"><meta data-react-helmet="true" name="description" content="There are two recommended configurations."><meta data-react-helmet="true" property="og:description" content="There are two recommended configurations."><meta data-react-helmet="true" property="og:url" content="https://oauth2-proxy.github.io/oauth2-proxy/docs/7.0.x/configuration/tls"><link data-react-helmet="true" rel="shortcut icon" href="/oauth2-proxy/img/logos/OAuth2_Proxy_icon.svg"><link data-react-helmet="true" rel="canonical" href="https://oauth2-proxy.github.io/oauth2-proxy/docs/7.0.x/configuration/tls"><link rel="stylesheet" href="/oauth2-proxy/styles.b2862157.css">
<link rel="preload" href="/oauth2-proxy/styles.f494e809.js" as="script">
<link rel="preload" href="/oauth2-proxy/runtime~main.128af286.js" as="script">
<link rel="preload" href="/oauth2-proxy/main.b7d0cfde.js" as="script">
<link rel="preload" href="/oauth2-proxy/1.b73729bd.js" as="script">
<link rel="preload" href="/oauth2-proxy/2.0f84ec0c.js" as="script">
<link rel="preload" href="/oauth2-proxy/58.c351a43a.js" as="script">
<link rel="preload" href="/oauth2-proxy/60.0c644c35.js" as="script">
<link rel="preload" href="/oauth2-proxy/230aeb34.d5b08ee8.js" as="script">
<link rel="preload" href="/oauth2-proxy/17896441.3f09010b.js" as="script">
<link rel="preload" href="/oauth2-proxy/00691219.b2dfc659.js" as="script">
</head>
<body>
<script>!function(){function t(t){document.documentElement.setAttribute("data-theme",t)}var e=function(){var t=null;try{t=localStorage.getItem("theme")}catch(t){}return t}();t(null!==e?e:"light")}()</script><div id="__docusaurus">
<nav class="navbar navbar--fixed-top"><div class="navbar__inner"><div class="navbar__items"><div aria-label="Navigation bar toggle" class="navbar__toggle" role="button" tabindex="0"><svg xmlns="http://www.w3.org/2000/svg" width="30" height="30" viewBox="0 0 30 30" role="img" focusable="false"><title>Menu</title><path stroke="currentColor" stroke-linecap="round" stroke-miterlimit="10" stroke-width="2" d="M4 7h22M4 15h22M4 23h22"></path></svg></div><a class="navbar__brand" href="/oauth2-proxy/"><img class="navbar__logo" src="/oauth2-proxy/img/logos/OAuth2_Proxy_icon.svg" alt="OAuth2 Proxy"><strong class="navbar__title">OAuth2 Proxy</strong></a><a aria-current="page" class="navbar__item navbar__link navbar__link--active" href="/oauth2-proxy/docs/">Docs</a></div><div class="navbar__items navbar__items--right"><div class="navbar__item dropdown dropdown--hoverable dropdown--right"><a class="navbar__item navbar__link" href="/oauth2-proxy/docs/7.0.x/">7.0.x</a><ul class="dropdown__menu"><li><a class="dropdown__link" href="/oauth2-proxy/docs/next/configuration/tls">Next</a></li><li><a class="dropdown__link" href="/oauth2-proxy/docs/configuration/tls">7.2.x</a></li><li><a class="dropdown__link" href="/oauth2-proxy/docs/7.1.x/configuration/tls">7.1.x</a></li><li><a aria-current="page" class="dropdown__link dropdown__link--active" href="/oauth2-proxy/docs/7.0.x/configuration/tls">7.0.x</a></li><li><a class="dropdown__link" href="/oauth2-proxy/docs/6.1.x/configuration/tls">6.1.x</a></li></ul></div><a href="https://github.com/oauth2-proxy/oauth2-proxy" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link">GitHub</a><div class="react-toggle react-toggle--disabled displayOnlyInLargeViewport_2aTZ"><div class="react-toggle-track"><div class="react-toggle-track-check"><span class="toggle_BsTx">🌜</span></div><div class="react-toggle-track-x"><span class="toggle_BsTx">🌞</span></div></div><div class="react-toggle-thumb"></div><input type="checkbox" disabled="" aria-label="Dark mode toggle" class="react-toggle-screenreader-only"></div></div></div><div role="presentation" class="navbar-sidebar__backdrop"></div><div class="navbar-sidebar"><div class="navbar-sidebar__brand"><a class="navbar__brand" href="/oauth2-proxy/"><img class="navbar__logo" src="/oauth2-proxy/img/logos/OAuth2_Proxy_icon.svg" alt="OAuth2 Proxy"><strong class="navbar__title">OAuth2 Proxy</strong></a></div><div class="navbar-sidebar__items"><div class="menu"><ul class="menu__list"><li class="menu__list-item"><a aria-current="page" class="menu__link navbar__link--active" href="/oauth2-proxy/docs/">Docs</a></li><li class="menu__list-item"><a role="button" class="menu__link menu__link--sublist">Versions</a><ul class="menu__list"><li class="menu__list-item"><a class="menu__link" href="/oauth2-proxy/docs/next/configuration/tls">Next</a></li><li class="menu__list-item"><a class="menu__link" href="/oauth2-proxy/docs/configuration/tls">7.2.x</a></li><li class="menu__list-item"><a class="menu__link" href="/oauth2-proxy/docs/7.1.x/configuration/tls">7.1.x</a></li><li class="menu__list-item"><a aria-current="page" class="menu__link menu__link--active" href="/oauth2-proxy/docs/7.0.x/configuration/tls">7.0.x</a></li><li class="menu__list-item"><a class="menu__link" href="/oauth2-proxy/docs/6.1.x/configuration/tls">6.1.x</a></li></ul></li><li class="menu__list-item"><a href="https://github.com/oauth2-proxy/oauth2-proxy" target="_blank" rel="noopener noreferrer" class="menu__link">GitHub</a></li></ul></div></div></div></nav><div class="main-wrapper"><div class="docPage_2gpo"><div class="docSidebarContainer_3_JD" role="complementary"><div class="sidebar_2urC"><div class="menu menu--responsive menu_5FrY"><button aria-label="Open Menu" aria-haspopup="true" class="button button--secondary button--sm menu__button" type="button"><svg aria-label="Menu" class="sidebarMenuIcon_Dm3K" xmlns="http://www.w3.org/2000/svg" height="24" width="24" viewBox="0 0 32 32" role="img" focusable="false"><title>Menu</title><path stroke="currentColor" stroke-linecap="round" stroke-miterlimi
external load balancer like Amazon ELB or Google Platform Load Balancing) use <code>--http-address=&quot;0.0.0.0:4180&quot;</code> or
<code>--http-address=&quot;http://:4180&quot;</code>.</p><p>Nginx will listen on port <code>443</code> and handle SSL connections while proxying to <code>oauth2-proxy</code> on port <code>4180</code>.
<code>oauth2-proxy</code> will then authenticate requests for an upstream application. The external endpoint for this example
would be <code>https://internal.yourcompany.com/</code>.</p><p>An example Nginx config follows. Note the use of <code>Strict-Transport-Security</code> header to pin requests to SSL
via <a href="http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security" target="_blank" rel="noopener noreferrer">HSTS</a>:</p><div class="mdxCodeBlock_1XEh"><div class="codeBlockContent_1u-d"><button tabindex="0" type="button" aria-label="Copy code to clipboard" class="copyButton_10dd">Copy</button><div class="prism-code language-undefined codeBlock_3iAC"><div class="codeBlockLines_b7E3" style="color:#bfc7d5;background-color:#292d3e"><div class="token-line" style="color:#bfc7d5"><span class="token plain">server {</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain">    listen 443 default ssl;</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain">    server_name internal.yourcompany.com;</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain">    ssl_certificate /path/to/cert.pem;</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain">    ssl_certificate_key /path/to/cert.key;</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain">    add_header Strict-Transport-Security max-age=2592000;</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain" style="display:inline-block">
</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain">    location / {</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain">        proxy_pass http://127.0.0.1:4180;</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain">        proxy_set_header Host $host;</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain">        proxy_set_header X-Real-IP $remote_addr;</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain">        proxy_set_header X-Scheme $scheme;</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain">        proxy_connect_timeout 1;</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain">        proxy_send_timeout 30;</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain">        proxy_read_timeout 30;</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain">    }</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain">}</span></div></div></div></div></div><p>The command line to run <code>oauth2-proxy</code> in this configuration would look like this:</p><div class="mdxCodeBlock_1XEh"><div class="codeBlockContent_1u-d"><button tabindex="0" type="button" aria-label="Copy code to clipboard" class="copyButton_10dd">Copy</button><div class="prism-code language-bash codeBlock_3iAC"><div class="codeBlockLines_b7E3" style="color:#bfc7d5;background-color:#292d3e"><div class="token-line" style="color:#bfc7d5"><span class="token plain">./oauth2-proxy </span><span class="token punctuation" style="color:rgb(199, 146, 234)">\</span><span class="token plain"></span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain">   --email-domain</span><span class="token operator" style="color:rgb(137, 221, 255)">=</span><span class="token string" style="color:rgb(195, 232, 141)">&quot;yourcompany.com&quot;</span><span class="token plain">  </span><span class="token punctuation" style="color:rgb(199, 146, 234)">\</span><span class="token plain"></span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain">   --upstream</span><span class="token operator" style="color:rgb(137, 221, 255)">=</span><span class="token plain">http://127.0.0.1:8080/ </span><span class="token punctuation" style="color:rgb(199, 146, 234)">\</span><span class="token plain"></span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain">   --cookie-secret</span><span class="token operator" style="color:rgb(137, 221, 255)">=</span><span class="token punctuation" style="color:rgb(199, 146, 234)">..</span><span class="token plain">. </span><span class="token punctuation" style="color:rgb(199, 146, 234)">\</span><span class="token plain"></span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain">   --cookie-secure</span><span class="token operator" style="color:rgb(137, 221, 255)">=</span><span class="token plain">true </span><span class="token punctuation" style="color:rgb(199, 146, 234)">\</span><span class="token plain"></span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain">   --provider</span><span class="token operator" style="color:rgb(137, 221, 255)">=</span><span class="token punctuation" style="color:rgb(199, 146, 234)">..</span><span class="token plain">. </span><span class="token punctuation" style="color:rgb(199, 146, 234)">\</span><span class="token plain"></span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain">   --reverse-proxy</span><span class="token operator" style="color:rgb(137, 221, 255)">=</span><span class="token plain">true </span><span class="token punctuation" style="color:rgb(199, 146, 234)">\</span><span class="token plain"></span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain">   --client-id</span><span class="token operator" style="color:rgb(137, 221, 255)">=</span><span cla
<script src="/oauth2-proxy/styles.f494e809.js"></script>
<script src="/oauth2-proxy/runtime~main.128af286.js"></script>
<script src="/oauth2-proxy/main.b7d0cfde.js"></script>
<script src="/oauth2-proxy/1.b73729bd.js"></script>
<script src="/oauth2-proxy/2.0f84ec0c.js"></script>
<script src="/oauth2-proxy/58.c351a43a.js"></script>
<script src="/oauth2-proxy/60.0c644c35.js"></script>
<script src="/oauth2-proxy/230aeb34.d5b08ee8.js"></script>
<script src="/oauth2-proxy/17896441.3f09010b.js"></script>
<script src="/oauth2-proxy/00691219.b2dfc659.js"></script>
</body>
</html>
Deploy website - based on 333418983c09b90be73aec61e5669fa0f2807bba 2021-03-25 17:26:00 +00:00			`<!doctype html>`
			`<html lang="en">`
			`<head>`
			`<meta charset="UTF-8">`
			`<meta name="viewport" content="width=device-width,initial-scale=1">`
			`<meta name="generator" content="Docusaurus v2.0.0-alpha.66">`
Deploy website - based on 823cb14d01c6cbdb2ef030c56471d2f78f0299bb 2021-05-23 19:23:08 +00:00			<title data-react-helmet="true">TLS Configuration \| OAuth2 Proxy</title><meta data-react-helmet="true" name="twitter:card" content="summary_large_image"><meta data-react-helmet="true" name="docusaurus_language" content="en"><meta data-react-helmet="true" name="docusaurus_version" content="7.0.x"><meta data-react-helmet="true" name="docusaurus_tag" content="docs-default-7.0.x"><meta data-react-helmet="true" property="og:title" content="TLS Configuration \| OAuth2 Proxy"><meta data-react-helmet="true" name="description" content="There are two recommended configurations."><meta data-react-helmet="true" property="og:description" content="There are two recommended configurations."><meta data-react-helmet="true" property="og:url" content="https://oauth2-proxy.github.io/oauth2-proxy/docs/7.0.x/configuration/tls"><link data-react-helmet="true" rel="shortcut icon" href="/oauth2-proxy/img/logos/OAuth2_Proxy_icon.svg"><link data-react-helmet="true" rel="canonical" href="https://oauth2-proxy.github.io/oauth2-proxy/docs/7.0.x/configuration/tls"><link rel="stylesheet" href="/oauth2-proxy/styles.b2862157.css">
			`<link rel="preload" href="/oauth2-proxy/styles.f494e809.js" as="script">`
Deploy website - based on 0693856bc319861a27d662d8befe0392763693d1 2021-11-15 09:25:55 +00:00			`<link rel="preload" href="/oauth2-proxy/runtime~main.128af286.js" as="script">`
Deploy website - based on 6c379f74dbb9078cbed8d9f8b77ca761fdf72f5a 2021-10-22 17:20:53 +00:00			`<link rel="preload" href="/oauth2-proxy/main.b7d0cfde.js" as="script">`
			`<link rel="preload" href="/oauth2-proxy/1.b73729bd.js" as="script">`
			`<link rel="preload" href="/oauth2-proxy/2.0f84ec0c.js" as="script">`
			`<link rel="preload" href="/oauth2-proxy/58.c351a43a.js" as="script">`
			`<link rel="preload" href="/oauth2-proxy/60.0c644c35.js" as="script">`
Deploy website - based on 823cb14d01c6cbdb2ef030c56471d2f78f0299bb 2021-05-23 19:23:08 +00:00			`<link rel="preload" href="/oauth2-proxy/230aeb34.d5b08ee8.js" as="script">`
Deploy website - based on 6c379f74dbb9078cbed8d9f8b77ca761fdf72f5a 2021-10-22 17:20:53 +00:00			`<link rel="preload" href="/oauth2-proxy/17896441.3f09010b.js" as="script">`
			`<link rel="preload" href="/oauth2-proxy/00691219.b2dfc659.js" as="script">`
Deploy website - based on 333418983c09b90be73aec61e5669fa0f2807bba 2021-03-25 17:26:00 +00:00			`</head>`
			`<body>`
			`<script>!function(){function t(t){document.documentElement.setAttribute("data-theme",t)}var e=function(){var t=null;try{t=localStorage.getItem("theme")}catch(t){}return t}();t(null!==e?e:"light")}()</script><div id="__docusaurus">`
Deploy website - based on 6c379f74dbb9078cbed8d9f8b77ca761fdf72f5a 2021-10-22 17:20:53 +00:00			<nav class="navbar navbar--fixed-top"><div class="navbar__inner"><div class="navbar__items"><div aria-label="Navigation bar toggle" class="navbar__toggle" role="button" tabindex="0"><svg xmlns="http://www.w3.org/2000/svg" width="30" height="30" viewBox="0 0 30 30" role="img" focusable="false"><title>Menu</title><path stroke="currentColor" stroke-linecap="round" stroke-miterlimit="10" stroke-width="2" d="M4 7h22M4 15h22M4 23h22"></path></svg></div><a class="navbar__brand" href="/oauth2-proxy/"><img class="navbar__logo" src="/oauth2-proxy/img/logos/OAuth2_Proxy_icon.svg" alt="OAuth2 Proxy"><strong class="navbar__title">OAuth2 Proxy</strong></a><a aria-current="page" class="navbar__item navbar__link navbar__link--active" href="/oauth2-proxy/docs/">Docs</a></div><div class="navbar__items navbar__items--right"><div class="navbar__item dropdown dropdown--hoverable dropdown--right"><a class="navbar__item navbar__link" href="/oauth2-proxy/docs/7.0.x/">7.0.x</a><ul class="dropdown__menu"><li><a class="dropdown__link" href="/oauth2-proxy/docs/next/configuration/tls">Next</a></li><li><a class="dropdown__link" href="/oauth2-proxy/docs/configuration/tls">7.2.x</a></li><li><a class="dropdown__link" href="/oauth2-proxy/docs/7.1.x/configuration/tls">7.1.x</a></li><li><a aria-current="page" class="dropdown__link dropdown__link--active" href="/oauth2-proxy/docs/7.0.x/configuration/tls">7.0.x</a></li><li><a class="dropdown__link" href="/oauth2-proxy/docs/6.1.x/configuration/tls">6.1.x</a></li></ul></div><a href="https://github.com/oauth2-proxy/oauth2-proxy" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link">GitHub</a><div class="react-toggle react-toggle--disabled displayOnlyInLargeViewport_2aTZ"><div class="react-toggle-track"><div class="react-toggle-track-check"><span class="toggle_BsTx">🌜</span></div><div class="react-toggle-track-x"><span class="toggle_BsTx">🌞</span></div></div><div class="react-toggle-thumb"></div><input type="checkbox" disabled="" aria-label="Dark mode toggle" class="react-toggle-screenreader-only"></div></div></div><div role="presentation" class="navbar-sidebar__backdrop"></div><div class="navbar-sidebar"><div class="navbar-sidebar__brand"><a class="navbar__brand" href="/oauth2-proxy/"><img class="navbar__logo" src="/oauth2-proxy/img/logos/OAuth2_Proxy_icon.svg" alt="OAuth2 Proxy"><strong class="navbar__title">OAuth2 Proxy</strong></a></div><div class="navbar-sidebar__items"><div class="menu"><ul class="menu__list"><li class="menu__list-item"><a aria-current="page" class="menu__link navbar__link--active" href="/oauth2-proxy/docs/">Docs</a></li><li class="menu__list-item"><a role="button" class="menu__link menu__link--sublist">Versions</a><ul class="menu__list"><li class="menu__list-item"><a class="menu__link" href="/oauth2-proxy/docs/next/configuration/tls">Next</a></li><li class="menu__list-item"><a class="menu__link" href="/oauth2-proxy/docs/configuration/tls">7.2.x</a></li><li class="menu__list-item"><a class="menu__link" href="/oauth2-proxy/docs/7.1.x/configuration/tls">7.1.x</a></li><li class="menu__list-item"><a aria-current="page" class="menu__link menu__link--active" href="/oauth2-proxy/docs/7.0.x/configuration/tls">7.0.x</a></li><li class="menu__list-item"><a class="menu__link" href="/oauth2-proxy/docs/6.1.x/configuration/tls">6.1.x</a></li></ul></li><li class="menu__list-item"><a href="https://github.com/oauth2-proxy/oauth2-proxy" target="_blank" rel="noopener noreferrer" class="menu__link">GitHub</a></li></ul></div></div></div></nav><div class="main-wrapper"><div class="docPage_2gpo"><div class="docSidebarContainer_3_JD" role="complementary"><div class="sidebar_2urC"><div class="menu menu--responsive menu_5FrY"><button aria-label="Open Menu" aria-haspopup="true" class="button button--secondary button--sm menu__button" type="button"><svg aria-label="Menu" class="sidebarMenuIcon_Dm3K" xmlns="http://www.w3.org/2000/svg" height="24" width="24" viewBox="0 0 32 32" role="img" focusable="false"><title>Menu</title><path stroke="currentColor" stroke-linecap="round" stroke-miterlimi
Deploy website - based on 333418983c09b90be73aec61e5669fa0f2807bba 2021-03-25 17:26:00 +00:00			`external load balancer like Amazon ELB or Google Platform Load Balancing) use <code>--http-address="0.0.0.0:4180"</code> or`
			`<code>--http-address="http://:4180"</code>.</p><p>Nginx will listen on port <code>443</code> and handle SSL connections while proxying to <code>oauth2-proxy</code> on port <code>4180</code>.`
			`<code>oauth2-proxy</code> will then authenticate requests for an upstream application. The external endpoint for this example`
			`would be <code>https://internal.yourcompany.com/</code>.</p><p>An example Nginx config follows. Note the use of <code>Strict-Transport-Security</code> header to pin requests to SSL`
			via <a href="http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security" target="_blank" rel="noopener noreferrer">HSTS</a>:</p><div class="mdxCodeBlock_1XEh"><div class="codeBlockContent_1u-d"><button tabindex="0" type="button" aria-label="Copy code to clipboard" class="copyButton_10dd">Copy</button><div class="prism-code language-undefined codeBlock_3iAC"><div class="codeBlockLines_b7E3" style="color:#bfc7d5;background-color:#292d3e"><div class="token-line" style="color:#bfc7d5"><span class="token plain">server {</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> listen 443 default ssl;</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> server_name internal.yourcompany.com;</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> ssl_certificate /path/to/cert.pem;</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> ssl_certificate_key /path/to/cert.key;</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> add_header Strict-Transport-Security max-age=2592000;</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain" style="display:inline-block">
			</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> location / {</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> proxy_pass http://127.0.0.1:4180;</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> proxy_set_header Host $host;</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> proxy_set_header X-Real-IP $remote_addr;</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> proxy_set_header X-Scheme $scheme;</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> proxy_connect_timeout 1;</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> proxy_send_timeout 30;</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> proxy_read_timeout 30;</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> }</span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain">}</span></div></div></div></div></div><p>The command line to run <code>oauth2-proxy</code> in this configuration would look like this:</p><div class="mdxCodeBlock_1XEh"><div class="codeBlockContent_1u-d"><button tabindex="0" type="button" aria-label="Copy code to clipboard" class="copyButton_10dd">Copy</button><div class="prism-code language-bash codeBlock_3iAC"><div class="codeBlockLines_b7E3" style="color:#bfc7d5;background-color:#292d3e"><div class="token-line" style="color:#bfc7d5"><span class="token plain">./oauth2-proxy </span><span class="token punctuation" style="color:rgb(199, 146, 234)">\</span><span class="token plain"></span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> --email-domain</span><span class="token operator" style="color:rgb(137, 221, 255)">=</span><span class="token string" style="color:rgb(195, 232, 141)">"yourcompany.com"</span><span class="token plain"> </span><span class="token punctuation" style="color:rgb(199, 146, 234)">\</span><span class="token plain"></span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> --upstream</span><span class="token operator" style="color:rgb(137, 221, 255)">=</span><span class="token plain">http://127.0.0.1:8080/ </span><span class="token punctuation" style="color:rgb(199, 146, 234)">\</span><span class="token plain"></span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> --cookie-secret</span><span class="token operator" style="color:rgb(137, 221, 255)">=</span><span class="token punctuation" style="color:rgb(199, 146, 234)">..</span><span class="token plain">. </span><span class="token punctuation" style="color:rgb(199, 146, 234)">\</span><span class="token plain"></span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> --cookie-secure</span><span class="token operator" style="color:rgb(137, 221, 255)">=</span><span class="token plain">true </span><span class="token punctuation" style="color:rgb(199, 146, 234)">\</span><span class="token plain"></span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> --provider</span><span class="token operator" style="color:rgb(137, 221, 255)">=</span><span class="token punctuation" style="color:rgb(199, 146, 234)">..</span><span class="token plain">. </span><span class="token punctuation" style="color:rgb(199, 146, 234)">\</span><span class="token plain"></span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> --reverse-proxy</span><span class="token operator" style="color:rgb(137, 221, 255)">=</span><span class="token plain">true </span><span class="token punctuation" style="color:rgb(199, 146, 234)">\</span><span class="token plain"></span></div><div class="token-line" style="color:#bfc7d5"><span class="token plain"> --client-id</span><span class="token operator" style="color:rgb(137, 221, 255)">=</span><span cla
Deploy website - based on 823cb14d01c6cbdb2ef030c56471d2f78f0299bb 2021-05-23 19:23:08 +00:00			`<script src="/oauth2-proxy/styles.f494e809.js"></script>`
Deploy website - based on 0693856bc319861a27d662d8befe0392763693d1 2021-11-15 09:25:55 +00:00			`<script src="/oauth2-proxy/runtime~main.128af286.js"></script>`
Deploy website - based on 6c379f74dbb9078cbed8d9f8b77ca761fdf72f5a 2021-10-22 17:20:53 +00:00			`<script src="/oauth2-proxy/main.b7d0cfde.js"></script>`
			`<script src="/oauth2-proxy/1.b73729bd.js"></script>`
			`<script src="/oauth2-proxy/2.0f84ec0c.js"></script>`
			`<script src="/oauth2-proxy/58.c351a43a.js"></script>`
			`<script src="/oauth2-proxy/60.0c644c35.js"></script>`
Deploy website - based on 823cb14d01c6cbdb2ef030c56471d2f78f0299bb 2021-05-23 19:23:08 +00:00			`<script src="/oauth2-proxy/230aeb34.d5b08ee8.js"></script>`
Deploy website - based on 6c379f74dbb9078cbed8d9f8b77ca761fdf72f5a 2021-10-22 17:20:53 +00:00			`<script src="/oauth2-proxy/17896441.3f09010b.js"></script>`
			`<script src="/oauth2-proxy/00691219.b2dfc659.js"></script>`
Deploy website - based on 333418983c09b90be73aec61e5669fa0f2807bba 2021-03-25 17:26:00 +00:00			`</body>`
			`</html>`