Ecosyste.ms: OpenCollective

An open API service for software projects hosted on Open Collective.

github.com/greenpau/caddy-security

🔐 Authentication, Authorization, and Accounting (AAA) App and Plugin for Caddy v2. 💎 Implements Form-Based, Basic, Local, LDAP, OpenID Connect, OAuth 2.0 (Github, Google, Facebook, Okta, etc.), SAML Authentication. MFA/2FA with App Authenticators and Yubico. 💎 Authorization with JWT/PASETO tokens. 🔐
https://github.com/greenpau/caddy-security

Authorize by a token from Azure Entra?

svenakela opened this issue 19 days ago
Json (examples) instead of Caddyfile

Fabbzz opened this issue about 1 month ago
question: Is it possible to use Duo identity from Cisco?

kwuite opened this issue about 1 month ago
question: Using Caddy without the authentication portal

MatyasHorvath12 opened this issue about 2 months ago
question: Authenticate agains two differentkeycloak realms

theodotos opened this issue about 2 months ago
question: Not redirected back to the app from keycloak

theodotos opened this issue about 2 months ago
breakfix: How to get the default password when using Local authentication?

borjapazr opened this issue 2 months ago
breakfix: samesite strict makes redirect wrong

Gunni opened this issue 2 months ago
question: auto redirect with angular SPA

thebirches opened this issue 2 months ago
question: Using name or email from token as a header_up

thebirches opened this issue 2 months ago
question: How to use Microsoft Authentication?

qxsch opened this issue 3 months ago
question: forgive the simple question

oandgtc opened this issue 3 months ago
question: Lock authentication to specific IP addresses

Gunni opened this issue 3 months ago
OAuth2 TLS handshake timeout

casperdcl opened this issue 4 months ago
breakfix: Cannot reach /settings endpoint even with authp/user role

mjwhite opened this issue 4 months ago
v1.1.29 default get guest role (with users and admin)

PaddyPat opened this issue 5 months ago
OAuth transparent authentication in Caddy

ArjonBu opened this issue 5 months ago
breakfix: Environment Substitution does not work for auth url within policy

alex3305 opened this issue 5 months ago
How to exclude a subdomain from auth?

JostBrand opened this issue 6 months ago
reference-config: multi-host domain with LinkedIn and Local authentication

greenpau opened this issue 6 months ago
OAuth successfull login redirects back to /login

alternativc opened this issue 6 months ago
question: How to initiate proxy pass after successful auth?

icsy7867 opened this issue 6 months ago
question: Caddy Security as SSO provider

trueFireblade opened this issue 6 months ago
Status of security vulnerabilities?

mdbraber opened this issue 6 months ago
breakfix: cookie/token is invalidated before it expires

vnxme opened this issue 7 months ago
Can not create locally hosted minimal instance for debug/test/error reproduction

MrChadMWood opened this issue 7 months ago
Injected headers not forwarded to underlying application.

MrChadMWood opened this issue 7 months ago
breakfix: RBAC can't access [realm_access-roles]

bakabaka0613 opened this issue 7 months ago
Kinde Support

andrefmarques opened this issue 7 months ago
NetSuite as a OIDC Provider

Shaun-York opened this issue 7 months ago
breakfix: Unable to authenticate with more than 1 replica

andrefmarques opened this issue 7 months ago
question: How to reverse proxy to different server based on multiple policy

write3371 opened this issue 7 months ago
question: form-based login

tribor opened this issue 8 months ago
question: MFA disable?

tribor opened this issue 8 months ago
breakfix: respect password policy from users.json

tribor opened this issue 8 months ago
Settings Page Returns Page Not Found

WalterSchirmacher opened this issue 8 months ago
question: Where can we get configuration details for the AWS Cognito IdP?

MrChadMWood opened this issue 8 months ago
Is it possible to postpone the access_token expiration with every call?

carlo161 opened this issue 9 months ago
feature: PKCE challange

Hero9909 opened this issue 9 months ago
breakfix: GitHub oauth2 flow always redirects back to /login even after successful login

infogulch opened this issue 9 months ago
feature: LDAP assumes memberof is available which is deprecated in OpenLDAP

ForceFaction opened this issue 9 months ago
Integration with Oauth provider LemonLDAP is not working

radokristof opened this issue 9 months ago
Integrate SSO with Google SAML

pmquang opened this issue 9 months ago
breakfix: ACL path/method rules always seem to result in a miss

alberthdev opened this issue 10 months ago
help needed: Support The Project

greenpau opened this issue 10 months ago
announcement: Profile UI Release

greenpau opened this issue 10 months ago
Bump google.golang.org/protobuf from 1.31.0 to 1.33.0

dependabot[bot] opened this pull request 10 months ago
question: inject headers not presented

MrOzean opened this issue 10 months ago
question: Passkey support

cromelex opened this issue 10 months ago
Use OIDC/SAML backwards to pass valid jwt token/roles/user to other Oauth/SAML compatible apps protected by Caddy reverse proxy

TedSheckler2021 opened this issue 10 months ago
question: API Key in Authorization: Bearer header

mitja opened this issue 11 months ago
question: Is it possible only to verify KeyCloak access token

bcherkezovtf opened this issue 11 months ago
Incredibly bad question

demuxer86 opened this issue 11 months ago
breakfix: Azure OAuth2 config not working

MrSuttonmann opened this issue 11 months ago
How to set a custom session timeout value?

bfg100k opened this issue 11 months ago
Is caddy-security has cache?

kylehz opened this issue 11 months ago
updates

andrewsonpradeep opened this pull request 11 months ago
Apple Passkeys

SgtErnestBilko opened this issue 11 months ago
question: Preflight requests

rowanstrydom opened this issue 11 months ago
question: refresh_token not working in azure oAuth 2.0

SLAN14 opened this issue 12 months ago
question: Caddy is oauth proxy for grafana oauth identity forwarding

moritz31 opened this issue 12 months ago
I'm using the recommended config but endpoints are always authorized

alphajoza opened this issue 12 months ago
feature: Simplify configuring multiple OAuth clients

matthias-stone opened this issue about 1 year ago
Spelling

jsoref opened this pull request about 1 year ago
question: How do I require authentication for a reverse proxy

toddhow opened this issue about 1 year ago
question: Is there a way to match if a value is in an array?

mattatjff opened this issue about 1 year ago
question: ACL in Caddy

jayadevx opened this issue about 1 year ago
webadmin user unauthorized problem

mahq195 opened this issue about 1 year ago
breakfix: password_recovery_enabled

slowkow opened this issue about 1 year ago
question: Help me configure this: one-off retro week event

IngwiePhoenix opened this issue about 1 year ago
feature: Events

gedw99 opened this issue about 1 year ago
question: No Token Found for Discord auth, confused about config

michael94ellis opened this issue about 1 year ago
Open the 'discussions' tab

sandstrom opened this issue about 1 year ago
Trying to authenticate API calls with LDAP

EdOro126 opened this issue about 1 year ago
Basic auth credentials validation using LDAP identity store instead of username / hashed_password

stereocarnyx opened this issue about 1 year ago
Fix: Custom HTML Headers and static assets got lost on caddy adapt

poettig opened this pull request about 1 year ago
Running caddy-security on Caddy Docker

ktruo010 opened this issue about 1 year ago
question: How to set the portal URL?

xtractalpha opened this issue about 1 year ago
question: use authp as upstream oauth server / authorization endpoint?

unusualevent opened this issue about 1 year ago
question: google oauth, send "prompt" query param

highfredo opened this issue about 1 year ago
question: include multiple JavaScript files in template.

xtractalpha opened this issue about 1 year ago
question: Conditional redirect to OIDC provider login page based on IP together with OIDC-enabled web app

nicolazilio opened this issue about 1 year ago
chore: remove refs to deprecated io/ioutil

testwill opened this pull request about 1 year ago
breakfix: Deadlock starting with OIDC provider behind caddy

pinpox opened this issue over 1 year ago
question: How to get refresh_token from Azure SSO

cdebadri opened this issue over 1 year ago
question: Suppressing noisy auth failure logs

mechanarchy opened this issue over 1 year ago
question: Allow all users and inject headers for authenticated users at the same time

infogulch opened this issue over 1 year ago
breakfix: Injected headers not present

infogulch opened this issue over 1 year ago
breakfix: `keystore: failed to parse token` with JWT shared secret

michaelsproul opened this issue over 1 year ago
authenticating with azure

larsr opened this issue over 1 year ago
ReadFileBytes panics when a provided path is empty

ahpaleus opened this issue over 1 year ago
No CSRF Mitigation in Caddy Security Admin Panel

ahpaleus opened this issue over 1 year ago
Stored XSS in admin panel triggerable by CSRF

ahpaleus opened this issue over 1 year ago
Lack of User Session Invalidation on Logout

ahpaleus opened this issue over 1 year ago
2FA Bypass by Brute-Forcing Verification Codes

ahpaleus opened this issue over 1 year ago
X-Forwarded-Proto Header Manipulation

ahpaleus opened this issue over 1 year ago
X-Forwarded-Host Header Manipulation

ahpaleus opened this issue over 1 year ago
Open Redirection Vulnerability

ahpaleus opened this issue over 1 year ago
Referer-Based Header XSS

ahpaleus opened this issue over 1 year ago
IP Spoofing via X-Forwarded-For Header

ahpaleus opened this issue over 1 year ago