How to authenticate multiple Azure Apps against oauth2_proxy in Kubernetes How to authenticate multiple Azure Apps against oauth2_proxy in Kubernetes kubernetes kubernetes

How to authenticate multiple Azure Apps against oauth2_proxy in Kubernetes


azure kubernetes azure-active-directory azure-web-app-service oauth2-proxy

The solution was to add app's audience of second application to --extra-jwt-issuers argument. Here is the configuration and nitty-gritty details of how to use it.

- --azure-tenant=11111111-2222-3333-4444-55555555- --email-domain=*- --http-address=0.0.0.0:4180- --provider=oidc- --set-authorization-header=true- --set-xauthrequest=true- --pass-access-token=true- --pass-authorization-header=true- --pass-user-headers=true- --pass-host-header=true- --skip-jwt-bearer-tokens=true- --oidc-email-claim=oid- --oidc-issuer-url=https://sts.windows.net/11111111-2222-3333-4444-55555555/- --extra-jwt-issuers=https://sts.windows.net/11111111-2222-3333-4444-55555555/=api://app1-2222-3333-4444-55555555,https://sts.windows.net/11111111-2222-3333-4444-55555555/=api://app2-2222-3333-4444-55555555

As you can see above I'm actually adding two issuers, this is because I'm using two apps that need to be authenticated.

Recent Posts
How can I color dots in a xy scatterplot according to column value?
How to update a claim in ASP.NET Identity?
What does {0} mean when initializing an object?
Accessing members of items in a JSONArray with Java
How to log SQL statements in Spring Boot?
Powershell Get-WebSite name parameter is ignored
How to detect scroll to bottom of html element
Java synchronized method
How to test controllers with CodeIgniter?
Detect Visual Composer
Matplotlib: Specify format of floats for tick labels
Rails join a list of strings with commas and "and" before the last