Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Document AWS ALB OIDC integration #2891

Open
mooreds opened this issue Feb 14, 2024 · 1 comment
Open

Document AWS ALB OIDC integration #2891

mooreds opened this issue Feb 14, 2024 · 1 comment
Labels
project

Comments

@mooreds
Copy link
Contributor

mooreds commented Feb 14, 2024
edited
Loading

There are times when you want to have a webapp (or N webapps) behind an ALB. All access to these apps will be mediated through the ALB but only will be available to authenticated users.

FusionAuth can authenticate these users using the standard OIDC flows. (You want FusionAuth to stand outside the ALB.)

After FusionAuth authenticates the users, they will have a session cookie (managed by the ALB). See docs below.

This is different than the AWS API gateway documentation already written because that isn't using sessions; it expects a JWT for every request. In this case we have a session cookie managed by the ALB.

The task is to show how to configure an AWS ALB to work with FusionAuth.

Documentation: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/listener-authenticate-users.html#authentication-flow

Internal: https://inversoft.slack.com/archives/C0407G6V5/p1724367717392939
@jobannon
Copy link
Contributor

Came up in a customer call today. Good doc story to write :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
project
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mooreds @jobannon