go/oauth2-proxy
1
0
Fork 0
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git synced 2025-11-27 22:38:39 +02:00
Code Issues Releases Activity
Files
413d4f697632a270516a482910a157470b58f28f
oauth2-proxy/docs/versioned_docs/version-7.12.x/behaviour.md
github-actions[bot] 413d4f6976 add new docs version 7.12.x 
Signed-off-by: Jan Larwig <jan@larwig.com>
2025-08-19 08:42:18 +02:00

865 B
Raw Blame History

id, title
id title
behaviour Behaviour
  1. Any request passing through the proxy (and not matched by --skip-auth-regex) is checked for the proxy's session cookie (--cookie-name) (or, if allowed, a JWT token - see --skip-jwt-bearer-tokens).
  2. If authentication is required but missing then the user is asked to log in and redirected to the authentication provider (unless it is an Ajax request, i.e. one with Accept: application/json, in which case 401 Unauthorized is returned)
  3. After returning from the authentication provider, the oauth tokens are stored in the configured session store (cookie, redis, ...) and a cookie is set
  4. The request is forwarded to the upstream server with added user info and authentication headers (depending on the configuration)

Notice that the proxy also provides a number of useful endpoints.

Reference in New Issue View Git Blame Copy Permalink