10000 feature: Add support for client certificate instead of client_secret in OIDC · Issue #405 · greenpau/caddy-security · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content
feature: Add support for client certificate instead of client_secret in OIDC #405
New issue
New issue
Open
Open
feature: Add support for client certificate instead of client_secret in OIDC#405
Assignees
greenpau
Labels
featureneed triage
@johkin

Description

< 628F div class="Box-sc-g0xbh4-0 iKiGfw Avatar-module__avatarInner--rVuJD">@johkin
johkin
opened on Jun 5, 2025

A clear and concise description of what you want the system to do.

We have the requirement to use a client certificate to validate the client_id instead of using client_secret, it would be a nice addon if one could specify a client_certificate as a file.

What are the Caddyfile directives that need to be added.

Add Caddyfile directive:

{
  security {
    oauth identity provider generic {
			realm generic
			driver generic
			client_id {env.GENERIC_CLIENT_ID}
			**client_certificate file /etc/ssl/certs/my_client_cert.pem**
			scopes openid email profile
			base_auth_url https://keycloak.myfiosgateway.com/
			metadata_url https://keycloak.myfiosgateway.com/.well-known/openid-configuration
		}
  }
}

Metadata

Metadata

Assignees

Labels

featureneed triage

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions
    0