ory/oathkeeper
A cloud native Identity & Access Proxy / API (IAP) and Access Control Decision API that authenticates, authorizes, and mutates incoming HTTP(s) requests. Inspired by the BeyondCorp / Zero Trust white paper. Written in Go.
GoApache-2.0
Pinned issues
Issues
- 1
Oathkeeper returns a 401 "Access credentials are invalid" when exceeding Ory Network's rate limiting on /sessions/whoami endpoint
#1167 opened by wewelll - 3
- 8
Upgrade Oathkeeper helm chart 0.41 causes 503
#1165 opened by WoodyWoodsta - 14
- 0
Oathkeeper docker-compose.yml outdated env vars
#1164 opened by cerealkill - 1
Git as a repository for access rules & granularity: check against specific ingress against specific accessrule files
#1154 opened by qdrddr - 1
- 0
Oathkeeper returns encoded cookie
#1158 opened by c0d3rm0n - 13
Authorizer "remote" throws exception "invalid Read on closed Body" if request body is present in request
#1136 opened by denysandriyanov - 0
- 1
Watch rules changes on remote repositories
#1072 opened by emmanuelgautier - 2
`strip_path` strips the prefix from the final upstream request, not the initial request
#1085 opened by syserr0r - 0
Implement a `delegate` authenticator
#1152 opened by yunier-sc - 1
- 0
Outdated OTEL dependencies prevent import
#1148 opened by nico151999 - 0
Decision API is not respecting the token_from config
#1144 opened by osbornk - 0
Reference to .MatchContext.RegexpCaptureGroups doesn't render in access rules authenticator config
#1141 opened by sunnyyip - 1
Custom bearer token not redacted
#1081 opened by SkypLabs - 1
X-Forwarded headers missing from oauth2-client-credentials authenticator request on v.0.40.3, breaking hydra TLS termination
#1102 opened by mathportillo - 0
Basic Authorization header result in Unauthorized when using `anonymous` authenticator handler
#1137 opened by sayoun - 1
- 0
upstream reference closed: github.com/GoogleContainerTools/distroless/issues/1342
#1132 opened by github-actions - 0
Docs wrong for `bearer_token` Subject default location
#1130 opened by logan-hcg - 3
Oathkeeper duplicates CORS headers
#1100 opened by kamilkloch - 4
Observed memory leak in v0.40.3
#1112 opened by shoujun - 2
- 7
Allow for easily matching rules using path prefixes
#1089 opened by davidspek - 9
Leak sensitive secrets option not working
#1067 opened by SkypLabs - 0
- 0
- 0
Authenticator: Bearer_token w. "query_parameter" selector consumes request body
#1105 opened by marbergq - 10
Regex path matching isn't working.
#1095 opened by KieronWiltshire - 4
Unable to initialize Tracer.
#1066 opened by KieronWiltshire - 2
The ability to pass oauth scopes to the application layer without having to write checks on every route.
#1088 opened by KieronWiltshire - 1
- 1
Your documentation doesn't work
#1076 opened by oneacik - 4
No response for reported security issue for a month
#1071 opened by viters - 0
Regression: CORS is not handled properly
#1054 opened by marcinfigiel - 10
Performance/CPU usage regression in v0.40.0
#1033 opened by David-Wobrock - 1
0.40.1 does not build on macos
#1068 opened by radekg - 1
Middleware initializes pgx/v4
#1064 opened by rlorca - 2
oathkeeper repo is too big
#1040 opened by Lan-Phan - 0
Connection reuse in proxy mode
#1045 opened by ecktom - 1
- 1
introspection_request_headers value?
#1026 opened by scoutinhobh - 1
Using X-Forwarded-Uri header does not URL-decode or filter queries before matching rules
#1003 opened by akshualy - 0
remote_json encounted a go json error
#1031 opened by qscez2001 - 9
Unauthenticated requests with any cookie (but no session cookie) receive a 401 even with anonymous authenticator
#1017 opened by joaojramia - 1
Oathkeeper failed with cryptic error when remote_json authorizer returns response body
#1007 opened by omerlh - 0
oathkeeper breaks with custom domain
#1005 opened by finsterwalder