Add configurable JWT claim headers (#596)

Travis Groth 2020-04-09 23:41:55 -04:00 committed by GitHub
parent b08ecc624a
commit 789068e27a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 118 additions and 17 deletions


@ -674,6 +674,17 @@ Refresh cooldown is the minimum amount of time between allowed manually refreshe
Default Upstream Timeout is the default timeout applied to a proxied route when no `timeout` key is specified by the policy.
### JWT Claim Headers
- Environmental Variable: `JWT_CLAIMS_HEADERS`
- Config File Key: `jwt_claims_headers`
- Type: `string list`
- Example: `email,groups`, `user`
- Optional
Set this option for the pomerium proxy to copy JWT claim information into request headers with the name `x-pomerium-claim-*`. Any claim listed in the pomerium JWT can be placed into a corresponding header for downstream consumption. This claim information is sourced from your IDP and pomerium's own session metadata.
Use this option if you previously relied on `x-pomerium-authenticated-user-{email|user-id|groups}` for downstream authN/Z.
## Cache Service
The cache service is used for storing user session data.
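Review bot: The new "JWT Claim Headers" paragraph recommends the `x-pomerium-claim-*` headers for downstream authN/Z but does not say whether the proxy drops client-supplied headers with that prefix before setting its own, or that a downstream service can rely on them only when it is reachable solely through the proxy. Please add a sentence covering both, since a reader migrating from `x-pomerium-authenticated-user-{email|user-id|groups}` will treat these values as authoritative. The Example line also lists only claim names (`email,groups`, `user`); showing the header that one of them produces would make the `x-pomerium-claim-*` naming unambiguous.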