Securing Your Endpoints with OAuth Authentication
OAuth is a widely adopted authentication and authorization mechanism that enables users to securely access resources without exposing their credentials. It is commonly used for single sign-on (SSO), API security, and third-party integrations.
By enforcing OAuth authentication at the network edge, you can:
🔐 Ensure only authorized users can access your services.
⚡ Offload authentication from your application, simplifying backend logic.
🛡 Prevent unauthorized access by requiring valid OAuth tokens before forwarding requests.
🔍 What are the Benefits of Using OAuth for Authentication?
OAuth allows applications to delegate authentication to a trusted identity provider (IdP), reducing the need for applications to handle passwords directly. This enhances security, user experience, and compliance.
Key Benefits:
- Secure Authentication: Prevent unauthorized access with token-based authentication.
- Seamless Single Sign-On (SSO): Enable SSO across multiple services without requiring users to reauthenticate.
- Supports Major Identity Providers: Works with Google, Microsoft, GitHub, Okta, and other OAuth providers.
- Improves Security & Compliance: Helps align with security standards like OAuth 2.0 and OpenID Connect (OIDC).
- Reduces Backend Complexity: Authentication happens before requests reach your application, eliminating the need for custom auth logic.
OAuth Examples
The following example showcases how you might set up a required Google login with a custom provider that requests the userinfo.profile and userinfo.email scopes.
Check out the OAuth traffic policy action page for more details about how it functions and the parameters it accepts. Consult the list of supported providers for step-by-step integration guides for each one.
💡 Ingress resources do not natively support OAuth enforcement, but they can be extended using a traffic policy.
1. Create an NgrokTrafficPolicy
2. Use the NgrokTrafficPolicy on an Ingress
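An added example, not taken from the ngrok documentation itself, of the two Ingress steps for the Google login with the userinfo.profile and userinfo.email scopes. The resource names, namespace, host, backend service and credential placeholders are assumptions, and the field and annotation names should be checked against the OAuth traffic policy action page.

```yaml
# Step 1: the traffic policy that requires a Google login (names are assumed).
apiVersion: ngrok.k8s.ngrok.com/v1alpha1
kind: NgrokTrafficPolicy
metadata:
  name: google-oauth            # assumed name
  namespace: default            # assumed namespace
spec:
  policy:
    on_http_request:
      - actions:
          - type: oauth
            config:
              provider: google
              # Custom provider: credentials of your own Google OAuth app.
              # The secret is stored in plain text in this resource, so
              # restrict read access to NgrokTrafficPolicy objects with RBAC.
              client_id: "<YOUR_GOOGLE_CLIENT_ID>"          # placeholder
              client_secret: "<YOUR_GOOGLE_CLIENT_SECRET>"  # placeholder
              scopes:
                - https://www.googleapis.com/auth/userinfo.profile
                - https://www.googleapis.com/auth/userinfo.email
---
# Step 2: attach the policy to an Ingress in the same namespace.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: example-ingress         # assumed name
  namespace: default
  annotations:
    # Must match metadata.name of the NgrokTrafficPolicy above.
    k8s.ngrok.com/traffic-policy: google-oauth
spec:
  ingressClassName: ngrok
  rules:
    - host: example.ngrok.app   # assumed host
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: example-service   # assumed backend service
                port:
                  number: 80
```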
💡 Gateway API resources do not natively support OAuth enforcement, but they can be extended using a traffic policy.
1. Create an NgrokTrafficPolicy
2. Use the NgrokTrafficPolicy on a Gateway
The following example showcases supplying the NgrokTrafficPolicy on a Gateway resource. All requests to the Gateway will run the traffic policy.
If you prefer, NgrokTrafficPolicy can also be used on the route level by using an externalRef filter on an HTTPRoute. See the using Gateway API guide for examples.