[GH-ISSUE #801] SSO with Keycloak #678

Closed
opened 2026-02-26 06:33:57 +03:00 by kerem · 4 comments
Owner

Originally created by @mprajescu on GitHub (Jan 5, 2021).
Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/801

Is it possible to add Single Sign On capabilities to the Nginx Proxy Manager proxy hosts instead of only relying on manual user authentication setup under access lists?
Meaning that when a user accesses a server setup on a proxy host, will get redirected to keycloak for authentication.

The Nginx server can be set up with Lua as described in the post link I've shared below:

https://developers.redhat.com/blog/2018/10/08/configuring-nginx-keycloak-oauth-oidc/

Originally created by @mprajescu on GitHub (Jan 5, 2021). Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/801 Is it possible to add Single Sign On capabilities to the Nginx Proxy Manager proxy hosts instead of only relying on manual user authentication setup under access lists? Meaning that when a user accesses a server setup on a proxy host, will get redirected to keycloak for authentication. The Nginx server can be set up with Lua as described in the post link I've shared below: https://developers.redhat.com/blog/2018/10/08/configuring-nginx-keycloak-oauth-oidc/
kerem 2026-02-26 06:33:57 +03:00
Author
Owner

@GlibTongue commented on GitHub (Jan 10, 2021):

See pr #753 perhaps this might help.

<!-- gh-comment-id:757411291 --> @GlibTongue commented on GitHub (Jan 10, 2021): See pr #753 perhaps this might help.
Author
Owner

@mprajescu commented on GitHub (Jan 11, 2021):

Thank you @GlibTongue. This might help. How can I implement this without having to run a different docker build? I think it's better to wait until this is merged into the main project. I don't mind the 300ms increase per host because at the moment I only run around 25 hosts, but I could see how this would get problematic once you get more hosts. I think it would be ready for the main project with a disclaimer that there is increased reload time once ODIC is enabled and configured.

<!-- gh-comment-id:757959417 --> @mprajescu commented on GitHub (Jan 11, 2021): Thank you @GlibTongue. This might help. How can I implement this without having to run a different docker build? I think it's better to wait until this is merged into the main project. I don't mind the 300ms increase per host because at the moment I only run around 25 hosts, but I could see how this would get problematic once you get more hosts. I think it would be ready for the main project with a disclaimer that there is increased reload time once ODIC is enabled and configured.
Author
Owner

@GlibTongue commented on GitHub (Jan 12, 2021):

Thank you @GlibTongue. This might help. How can I implement this without having to run a different docker build? I think it's better to wait until this is merged into the main project. I don't mind the 300ms increase per host because at the moment I only run around 25 hosts, but I could see how this would get problematic once you get more hosts. I think it would be ready for the main project with a disclaimer that there is increased reload time once ODIC is enabled and configured.

Yes, it is better to wait for it to be merged with main build as you might have trouble migrating back, though not that hard as you would just have to remove some rows in database.

Regarding the time increases, it solely depends on the person enabling this, if it is worth it or not. I personally am not using it as I have no need for it.

If you read the reply bottom down, Jamie mentioned not merging due to increasing time load, so I am guessing as long as its not solved it will stay as it is.

<!-- gh-comment-id:758435899 --> @GlibTongue commented on GitHub (Jan 12, 2021): > Thank you @GlibTongue. This might help. How can I implement this without having to run a different docker build? I think it's better to wait until this is merged into the main project. I don't mind the 300ms increase per host because at the moment I only run around 25 hosts, but I could see how this would get problematic once you get more hosts. I think it would be ready for the main project with a disclaimer that there is increased reload time once ODIC is enabled and configured. Yes, it is better to wait for it to be merged with main build as you might have trouble migrating back, though not that hard as you would just have to remove some rows in database. Regarding the time increases, it solely depends on the person enabling this, if it is worth it or not. I personally am not using it as I have no need for it. If you read the reply bottom down, Jamie mentioned not merging due to increasing time load, so I am guessing as long as its not solved it will stay as it is.
Author
Owner

@chaptergy commented on GitHub (May 12, 2021):

Duplicate of https://github.com/jc21/nginx-proxy-manager/issues/437

<!-- gh-comment-id:839803764 --> @chaptergy commented on GitHub (May 12, 2021): Duplicate of https://github.com/jc21/nginx-proxy-manager/issues/437
Sign in to join this conversation.
No milestone
No project
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/nginx-proxy-manager-NginxProxyManager#678
No description provided.