Closed sivabudh closed 6 years ago
@sivabudh what exatcly do you mean by centralized authentication? You mean SSO? If yes, then sure, you can use Janus with the introspection oauth configuration that will point to google oauth endpoints. This way janus will always check if the provided token is still valid.
One example is this oauth server
configuration that we use for github SSO.
{
"name": "github-auth",
"oauth_endpoints": {
"authorize": {
"listen_path": "/auth/github/authorize",
"upstreams": {
"balancing": "roundrobin",
"targets": [{"target": "https://github.com/login/oauth/authorize"}]
},
"methods": [
"ALL"
]
},
"token": {
"listen_path": "/auth/github/token",
"upstreams": {
"balancing": "roundrobin",
"targets": [{"target": "https://github.com/login/oauth/access_token"}]
},
"methods": [
"GET",
"POST"
]
},
"introspect": {
"listen_path": "/auth/github/introspect",
"upstreams": {
"balancing": "roundrobin",
"targets": [{"target": "https://api.github.com/user"}]
},
"methods": ["GET"]
}
},
"secrets": {
"<your-client-id>": "<your-client-secret>"
},
"cors_meta": {
"enabled": true
"domains": ["*"],
"methods": [
"GET",
"POST",
"PUT",
"PATCH",
"DELETE",
"OPTIONS"
],
"request_headers": [
"Origin",
"Authorization",
"Content-Type"
],
},
"token_strategy": {
"name": "introspection",
"settings": {
"auth_header_type": "token",
"use_auth_header": true
}
}
}
Please let me know if this answer you question
Thanks for your response.
Just want to check about this specific feature. None of the other well-known API gateway has this feature.