Skip to content
Snippets Groups Projects
Commit 3c8d5d83 authored by Rohith's avatar Rohith
Browse files

- updating the authors file (#45)

- updating the docs with the latest command line options, should probably autogenerate this though
parent 210db44a
Branches
Tags
No related merge requests found
Rohith <gambol99@gmail.com>
Tim <tim.gent@gmail.com>
......@@ -25,7 +25,7 @@ USAGE:
keycloak-proxy [global options] command [command options] [arguments...]
VERSION:
v1.0.0-rc2
v1.0.2
AUTHOR(S):
Rohith <gambol99@gmail.com>
......@@ -41,13 +41,15 @@ GLOBAL OPTIONS:
--discovery-url the discovery url to retrieve the openid configuration
--upstream-url "http://127.0.0.1:8081" the url for the upstream endpoint you wish to proxy to
--upstream-keepalives enables or disables the keepalive connections for upstream endpoint (defaults true)
--no-redirects true or false depending on whether you want a client without a valid token to be redirected
--encryption-key the encryption key used to encrpytion the session state
--store-url the store url to use for storing the refresh tokens, i.e. redis://127.0.0.1:6379, file:///etc/tokens.file
--no-redirects do not have back redirects when no authentication is present, simple reply with 401 code
--redirection-url the redirection url, namely the site url, note: /oauth will be added to it
--hostname [--hostname option --hostname option] a list of hostname which the service will respond to, defaults to all
--hostname [--hostname option --hostname option] a list of hostnames the service will respond to, defaults to all
--tls-cert the path to a certificate file used for TLS
--tls-private-key the path to the private key for TLS support
--tls-ca-certificate the path to the ca certificate used for mutual TLS
--skip-upstream-tls-verify whether to skip the verification of any upstream TLS (defaults to true)
--scope [--scope option --scope option] a variable list of scopes requested when authenticating the user
--claim [--claim option --claim option] a series of key pair values which must match the claims in the token present e.g. aud=myapp, iss=http://example.com etcd
--resource [--resource option --resource option] a list of resources 'uri=/admin|methods=GET|roles=role1,role2'
......@@ -61,6 +63,7 @@ GLOBAL OPTIONS:
--cors-exposes-headers [--cors-exposes-headers option --cors-exposes-headers option] set the expose cors headers access control (Access-Control-Expose-Headers)
--cors-max-age "0" the max age applied to cors headers (Access-Control-Max-Age)
--cors-credentials the credentials access control header (Access-Control-Allow-Credentials)
--enable-security-filter enables the security filter handler
--skip-token-verification testing purposes ONLY, the option allows you to bypass the token verification, expiration and roles are still enforced
--proxy-protocol switches on proxy protocol support on the listen (not supported yet)
--refresh-sessions enables the refreshing of tokens via offline access (defaults false)
......@@ -69,7 +72,6 @@ GLOBAL OPTIONS:
--verbose switch on debug / verbose logging
--help, -h show help
--version, -v print the version
```
#### **Configuration**
......@@ -275,4 +277,3 @@ which was signed by the CA being used.
* **/oauth/expired** is a helper endpoint to check if a access token has expired, 200 for ok and, 401 for no token and 401 for expired
* **/oauth/token** is a helper endpoint which will display the current access token for you
* **/oauth/health** is the health checking endpoint for the proxy
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment