OksanaH/gist:e91ef8528eb96d8e552f1741a281c27a

## gistfile1.txt

# Vouch Proxy configuration
# bare minimum to get Vouch Proxy running with OpenID Connect (such as okta)

vouch:
  logLevel: debug
  # domains:
  # valid domains that the jwt cookies can be set into
  # the callback_urls will be to these domains
  #domains:
  #- my-example.io

  # - OR -
  # instead of setting specific domains you may prefer to allow all users...
  # set allowAllUsers: true to use Vouch Proxy to just accept anyone who can authenticate at the configured provider
  # and set vouch.cookie.domain to the domain you wish to protect
  allowAllUsers: true

  cookie:
    # allow the jwt/cookie to be set into http://yourdomain.com (defaults to true, requiring https://yourdomain.com)
    secure: false
    # vouch.cookie.domain must be set when enabling allowAllUsers
    domain: my-example.io
    httpOnly: true

  jwt:
    maxAge: 900

  headers:
    jwt: X-Vouch-Token
    #user: X-Vouch-User
    querystring: access_token
    redirect: X-Vouch-Requested-URI

  #listen: 0.0.0.0
  #port: 9090

oauth:
  # Generic OpenID Connect
  # including okta
  provider: oidc
  client_id: abcde122334567abcded
  client_secret: XXXXXXX
  auth_url: https://dev-000000.oktapreview.com/oauth2/default/v1/authorize
  token_url: https://dev-000000.oktapreview.com/oauth2/default/v1/token
  user_info_url: https://dev-000000.oktapreview.com/oauth2/default/v1/userinfo
  scopes:
    - openid
    - email
    - profile
  callback_url: http://my-example.io/auth

	# Vouch Proxy configuration
	# bare minimum to get Vouch Proxy running with OpenID Connect (such as okta)

	vouch:
	logLevel: debug
	# domains:
	# valid domains that the jwt cookies can be set into
	# the callback_urls will be to these domains
	#domains:
	#- my-example.io

	# - OR -
	# instead of setting specific domains you may prefer to allow all users...
	# set allowAllUsers: true to use Vouch Proxy to just accept anyone who can authenticate at the configured provider
	# and set vouch.cookie.domain to the domain you wish to protect
	allowAllUsers: true

	cookie:
	# allow the jwt/cookie to be set into http://yourdomain.com (defaults to true, requiring https://yourdomain.com)
	secure: false
	# vouch.cookie.domain must be set when enabling allowAllUsers
	domain: my-example.io
	httpOnly: true

	jwt:
	maxAge: 900

	headers:
	jwt: X-Vouch-Token
	#user: X-Vouch-User
	querystring: access_token
	redirect: X-Vouch-Requested-URI

	#listen: 0.0.0.0
	#port: 9090

	oauth:
	# Generic OpenID Connect
	# including okta
	provider: oidc
	client_id: abcde122334567abcded
	client_secret: XXXXXXX
	auth_url: https://dev-000000.oktapreview.com/oauth2/default/v1/authorize
	token_url: https://dev-000000.oktapreview.com/oauth2/default/v1/token
	user_info_url: https://dev-000000.oktapreview.com/oauth2/default/v1/userinfo
	scopes:
	- openid
	- email
	- profile
	callback_url: http://my-example.io/auth