oauth2-proxy/docs/versioned_docs/version-7.0.x/behaviour.md at fix/catch-route-errors

mirror of https://github.com/oauth2-proxy/oauth2-proxy.git synced 2026-04-26 20:42:38 +02:00

Files

T

NirronCD a2f2223d2b doc: improved clarity and correctness of proxy behaviour (#3305 )

* doc: adjust regarding description of behaviour

Signed-off-by: NirronCD <nirron@rietto.com>

* doc:changed style, added suggested

Signed-off-by: NirronCD <nirron@rietto.com>

* doc: minor fix to docusaurus metadata syntax

Signed-off-by: NirronCD <nirron@rietto.com>

* docs: improved clarity for how the proxy behaves in different scenarios

Signed-off-by: Jan Larwig <jan@larwig.com>

---------

Signed-off-by: NirronCD <nirron@rietto.com>
Signed-off-by: Jan Larwig <jan@larwig.com>
Co-authored-by: Jan Larwig <jan@larwig.com>

2026-01-14 21:26:50 +01:00

865 B

Raw Permalink Blame History

id, title

id	title
behaviour	Behaviour

Any request passing through the proxy (and not matched by --skip-auth-route) is checked for the proxy's session cookie (--cookie-name) (or, if allowed, a JWT token - see --skip-jwt-bearer-tokens).
If authentication is required but missing then the user is asked to log in and redirected to the authentication provider (unless it is an Ajax request, i.e. one with Accept: application/json, in which case 401 Unauthorized is returned)
After returning from the authentication provider, the oauth tokens are stored in the configured session store (cookie, redis, ...) and a cookie is set
The request is forwarded to the upstream server with added user info and authentication headers (depending on the configuration)

Notice that the proxy also provides a number of useful endpoints.

865 B Raw Permalink Blame History

865 B

Raw Permalink Blame History