Last active
October 12, 2021 19:38
-
-
Save OksanaH/e91ef8528eb96d8e552f1741a281c27a to your computer and use it in GitHub Desktop.
config.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Vouch Proxy configuration | |
# bare minimum to get Vouch Proxy running with OpenID Connect (such as okta) | |
vouch: | |
logLevel: debug | |
# domains: | |
# valid domains that the jwt cookies can be set into | |
# the callback_urls will be to these domains | |
#domains: | |
#- my-example.io | |
# - OR - | |
# instead of setting specific domains you may prefer to allow all users... | |
# set allowAllUsers: true to use Vouch Proxy to just accept anyone who can authenticate at the configured provider | |
# and set vouch.cookie.domain to the domain you wish to protect | |
allowAllUsers: true | |
cookie: | |
# allow the jwt/cookie to be set into http://yourdomain.com (defaults to true, requiring https://yourdomain.com) | |
secure: false | |
# vouch.cookie.domain must be set when enabling allowAllUsers | |
domain: my-example.io | |
httpOnly: true | |
jwt: | |
maxAge: 900 | |
headers: | |
jwt: X-Vouch-Token | |
#user: X-Vouch-User | |
querystring: access_token | |
redirect: X-Vouch-Requested-URI | |
#listen: 0.0.0.0 | |
#port: 9090 | |
oauth: | |
# Generic OpenID Connect | |
# including okta | |
provider: oidc | |
client_id: abcde122334567abcded | |
client_secret: XXXXXXX | |
auth_url: https://dev-000000.oktapreview.com/oauth2/default/v1/authorize | |
token_url: https://dev-000000.oktapreview.com/oauth2/default/v1/token | |
user_info_url: https://dev-000000.oktapreview.com/oauth2/default/v1/userinfo | |
scopes: | |
- openid | |
- profile | |
callback_url: http://my-example.io/auth | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment