mirror of
https://github.com/pomerium/pomerium.git
synced 2025-08-02 08:19:23 +02:00
Pomerium is an identity and context-aware access proxy.
4a3fb5d44b
authorize: get claims from signed jwt When doing databroker refactoring, all claims information were moved to signed JWT instead of raw session JWT. But we are still looking for claims info in raw session JWT, causes all X-Pomerium-Claim-* headers being gone. Fix this by looking for information from signed JWT instead. Note that even with this fix, the X-Pomerium-Claim-Groups is still not present, but it's another bug (see #941) and will be fixed later. Fixes #936 |
||
|---|---|---|
| .github | ||
| authenticate | ||
| authorize | ||
| cache | ||
| cmd | ||
| config | ||
| docs | ||
| integration | ||
| internal | ||
| proxy | ||
| scripts | ||
| .codecov.yml | ||
| .dockerignore | ||
| .gitignore | ||
| .golangci.yml | ||
| .pre-commit-config.yaml | ||
| 3RD-PARTY | ||
| Dockerfile | ||
| go.mod | ||
| go.sum | ||
| LICENSE | ||
| Makefile | ||
| package.json | ||
| README.md | ||
| renovate.json | ||
| VERSION | ||
Pomerium is an identity-aware proxy that enables secure access to internal applications. Pomerium provides a standardized interface to add access control to applications regardless of whether the application itself has authorization or authentication baked-in. Pomerium gateways both internal and external requests, and can be used in situations where you'd typically reach for a VPN.
Pomerium can be used to:
- provide a single-sign-on gateway to internal applications.
- enforce dynamic access policy based on context, identity, and device state.
- aggregate access logs and telemetry data.
- a VPN alternative.
Docs
For comprehensive docs, and tutorials see our documentation.