Skip to content
Snippets Groups Projects
Commit 27002500 authored by Rohith's avatar Rohith
Browse files

- updating the readme to reflect the cli usage

parent fe9654c5
No related branches found
No related tags found
No related merge requests found
......@@ -30,7 +30,7 @@ USAGE:
keycloak-proxy [options]
VERSION:
v1.2.4 (git+sha: 6b14da3-dirty)
v1.2.7 (git+sha: fe9654c)
AUTHOR(S):
Rohith <gambol99@gmail.com>
......@@ -40,21 +40,23 @@ COMMANDS:
GLOBAL OPTIONS:
--config value the path to the configuration file for the keycloak proxy [$PROXY_CONFIG_FILE]
--listen value the interface the service should be listening on (default: "127.0.0.1:3000") [$PROXY_LISTEN]
--listen value the interface the service should be listening on [$PROXY_LISTEN]
--client-secret value the client secret used to authenticate to the oauth server (access_type: confidential) [$PROXY_CLIENT_SECRET]
--client-id value the client id used to authenticate to the oauth service [$PROXY_CLIENT_ID]
--discovery-url value the discovery url to retrieve the openid configuration [$PROXY_DISCOVERY_URL]
--scope value a variable list of scopes requested when authenticating the user
--token-validate-only validate the token and roles only, no required implement oauth
--redirection-url value redirection url for the oauth callback url (/oauth is added) [$PROXY_REDIRECTION_URL]
--revocation-url value the url for the revocation endpoint to revoke refresh token (default: "/oauth2/revoke") [$PROXY_REVOCATION_URL]
--revocation-url value the url for the revocation endpoint to revoke refresh token [$PROXY_REVOCATION_URL]
--store-url value url for the storage subsystem, e.g redis://127.0.0.1:6379, file:///etc/tokens.file [$PROXY_STORE_URL]
--upstream-url value the url for the upstream endpoint you wish to proxy to [$PROXY_UPSTREAM_URL]
--upstream-keepalives enables or disables the keepalive connections for upstream endpoint
--upstream-timeout value is the maximum amount of time a dial will wait for a connect to complete (default: 10s)
--upstream-keepalive-timeout value specifies the keep-alive period for an active network connection (default: 10s)
--enable-authorization-header adds the authorization header to the proxy request
--enable-refresh-tokens enables the handling of the refresh tokens
--secure-cookie enforces the cookie to be secure, default to true
--http-only-cookie enforces the cookie is in http only mode, default to false
--cookie-domain value a domain the access cookie is available to, defaults host header
--cookie-access-name value the name of the cookie use to hold the access token (default: "kc-access")
--cookie-refresh-name value the name of the cookie used to hold the encrypted refresh token (default: "kc-state")
......@@ -85,7 +87,7 @@ GLOBAL OPTIONS:
--cors-methods value the method permitted in the access control (Access-Control-Allow-Methods)
--cors-headers value a set of headers to add to the CORS access control (Access-Control-Allow-Headers)
--cors-exposes-headers value set the expose cors headers access control (Access-Control-Expose-Headers)
--cors-max-age value the max age applied to cors headers (Access-Control-Max-Age) (default: 0)
--cors-max-age value the max age applied to cors headers (Access-Control-Max-Age) (default: 0s)
--cors-credentials the credentials access control header (Access-Control-Allow-Credentials)
--enable-security-filter enables the security filter handler
--skip-token-verification TESTING ONLY; bypass token verification, only expiration and roles enforced
......@@ -466,3 +468,4 @@ You can control the upstream endpoint via the --upstream-url option. Both http a
#### **Metrics**
Assuming the --enable-metrics has been set, a prometheus endpoint can be found on /oauth/metrics
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment