OAuth/OpenID

Sergey A. Osokin osa at freebsd.org.ru
Tue Feb 15 15:08:21 UTC 2022


Hi Michael,

hope you're doing well.

On Tue, Feb 15, 2022 at 08:41:08AM -0500, Michael Powell wrote:
> Hello,
> 
> Setting up some web sites, etc, looking into alternatives to Amazon
> Cognito, for instance, for user and/or 'identity' management, integration
> with 3P OAuth providers, i.e. Google, Facebook, etc. As I understand it,
> nginx provides these features, and more?

Yes, it's possible to setup OIDC flow with NGINX products.  Please note
an Identity Provider (IdP) needs to be configured as well, and that one
is a separate product.

Here's the reference implementation of OpenID Connection integration
for NGINX Plus, [1].  It uitilizes some NGINX Plus features, such as
auth_jwt directive, [2] from the ngx_http_auth_jwt_module, [3], keyval [4]
and keyval_zone [5] directives from ngx_http_keyval_module [6] module,
and NGINX JavaScript module, [7].

References:
[1] https://github.com/nginxinc/nginx-openid-connect
[2] https://nginx.org/en/docs/http/ngx_http_auth_jwt_module.html#auth_jwt
[3] https://nginx.org/en/docs/http/ngx_http_auth_jwt_module.html
[4] https://nginx.org/en/docs/http/ngx_http_keyval_module.html#keyval
[5] https://nginx.org/en/docs/http/ngx_http_keyval_module.html#keyval_zone
[6] https://nginx.org/en/docs/http/ngx_http_keyval_module.html
[7] http://nginx.org/en/docs/njs/

-- 
Sergey Osokin



More information about the nginx mailing list