A traefik Plugin for securing the upstream service with OpenID Connect acting as a relying party.
Note
This document always represents the latest version, which may not have been released yet. Therefore, some features may not be available currently but will be available soon. You can use the GIT-Tags to check individual versions.
Warning
This middleware is under active development and breaking changes may occur. It is only tested against traefik v3+.
| Provider | Status | Notes |
|---|---|---|
| ZITADEL | ✅ | |
| Kanidm | ✅ | See GH-12 |
| Keycloak | ✅ | |
| Microsoft EntraID | See GH-15 | |
| HashiCorp Vault | ❌ | See GH-13 |
| Pocket ID | ✅ |
Please see the full documentation HERE.
Note
The documentation is being built from the production branch, representing the latest released version. If you want to check the documentation of the main branch to see whats comming in the next version, see here.
Create the following .env file:
PROVIDER_URL=...
CLIENT_ID=...
CLIENT_SECRET=...
The run docker compose up to run traefik locally.
Now browse to http://localhost:9080. You should be redirected to your IDP. After you've logged in, you should be redirected back to http://localhost:9080 and see a WHOAMI page.
![@dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=64&v=4){kind=small}
