Question: OIDC optional per location or source IP
hammondr opened this issue · 1 comments
hammondr commented
Is it possible to enforce client OIDC authentication only for some location(s)? In my use case, I would like to require OIDC authentication for browser users but allow calls to location /rest to pass through to the upstream server without redirect.
lcrilly commented
Yes, of course. Any location without the OIDC configuration will behave just the way you configure them. NGINX location blocks are selected by most specific match, so your location /rest example will take precedence over location /. See http://nginx.org/en/docs/http/request_processing.html#simple_php_site_configuration