Skip to content
GitLab
Explore
Sign in
Primary navigation
Search or go to…
Project
K
keycloak-proxy
Manage
Activity
Members
Labels
Plan
Issues
Issue boards
Milestones
Wiki
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Snippets
Build
Pipelines
Jobs
Pipeline schedules
Artifacts
Deploy
Releases
Container registry
Model registry
Operate
Environments
Monitor
Incidents
Service Desk
Analyze
Value stream analytics
Contributor analytics
CI/CD analytics
Repository analytics
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
Janne Mareike Koschinski
keycloak-proxy
Commits
27002500
Commit
27002500
authored
8 years ago
by
Rohith
Browse files
Options
Downloads
Patches
Plain Diff
- updating the readme to reflect the cli usage
parent
fe9654c5
No related branches found
No related tags found
No related merge requests found
Changes
1
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
README.md
+25
-22
25 additions, 22 deletions
README.md
with
25 additions
and
22 deletions
README.md
+
25
−
22
View file @
27002500
...
...
@@ -30,7 +30,7 @@ USAGE:
keycloak-proxy
[
options]
VERSION:
v1.2.
4
(
git+sha:
6b14da3-dirty
)
v1.2.
7
(
git+sha:
fe9654c
)
AUTHOR
(
S
)
:
Rohith <gambol99@gmail.com>
...
...
@@ -40,21 +40,23 @@ COMMANDS:
GLOBAL OPTIONS:
--config
value the path to the configuration file
for
the keycloak proxy
[
$PROXY_CONFIG_FILE
]
--listen
value the interface the service should be listening on
(
default:
"127.0.0.1:3000"
)
[
$PROXY_LISTEN
]
--listen
value the interface the service should be listening on
[
$PROXY_LISTEN
]
--client-secret
value the client secret used to authenticate to the oauth server
(
access_type: confidential
)
[
$PROXY_CLIENT_SECRET
]
--client-id
value the client
id
used to authenticate to the oauth service
[
$PROXY_CLIENT_ID
]
--discovery-url
value the discovery url to retrieve the openid configuration
[
$PROXY_DISCOVERY_URL
]
--scope
value a variable list of scopes requested when authenticating the user
--token-validate-only
validate the token and roles only, no required implement oauth
--redirection-url
value redirection url
for
the oauth callback url
(
/oauth is added
)
[
$PROXY_REDIRECTION_URL
]
--revocation-url
value the url
for
the revocation endpoint to revoke refresh token
(
default:
"/oauth2/revoke"
)
[
$PROXY_REVOCATION_URL
]
--revocation-url
value the url
for
the revocation endpoint to revoke refresh token
[
$PROXY_REVOCATION_URL
]
--store-url
value url
for
the storage subsystem, e.g redis://127.0.0.1:6379, file:///etc/tokens.file
[
$PROXY_STORE_URL
]
--upstream-url
value the url
for
the upstream endpoint you wish to proxy to
[
$PROXY_UPSTREAM_URL
]
--upstream-keepalives
enables or disables the keepalive connections
for
upstream endpoint
--upstream-timeout
value is the maximum amount of
time
a dial will
wait
for
a connect to
complete
(
default: 10s
)
--upstream-keepalive-timeout
value specifies the keep-alive period
for
an active network connection
(
default: 10s
)
--enable-authorization-header
adds the authorization header to the proxy request
--enable-refresh-tokens
enables the handling of the refresh tokens
--secure-cookie
enforces the cookie to be secure, default to
true
--http-only-cookie
enforces the cookie is
in
http only mode, default to
false
--cookie-domain
value a domain the access cookie is available to, defaults host header
--cookie-access-name
value the name of the cookie use to hold the access token
(
default:
"kc-access"
)
--cookie-refresh-name
value the name of the cookie used to hold the encrypted refresh token
(
default:
"kc-state"
)
...
...
@@ -85,7 +87,7 @@ GLOBAL OPTIONS:
--cors-methods value the method permitted in the access control (Access-Control-Allow-Methods)
--cors-headers value a set of headers to add to the CORS access control (Access-Control-Allow-Headers)
--cors-exposes-headers value set the expose cors headers access control (Access-Control-Expose-Headers)
--cors-max-age value the max age applied to cors headers (Access-Control-Max-Age) (default: 0)
--cors-max-age value the max age applied to cors headers (Access-Control-Max-Age) (default: 0
s
)
--cors-credentials the credentials access control header (Access-Control-Allow-Credentials)
--enable-security-filter enables the security filter handler
--skip-token-verification TESTING ONLY; bypass token verification, only expiration and roles enforced
...
...
@@ -466,3 +468,4 @@ You can control the upstream endpoint via the --upstream-url option. Both http a
#### **Metrics**
Assuming the --enable-metrics has been set, a prometheus endpoint can be found on /oauth/metrics
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment