Basic-style auth with mod_auth_openidc

Question

Is there a way to configure mod_auth_openidc to act something like basic auth rather than redirecting to the auth provider (Okta, in my case) for login?

I'm setting up mod_auth_openidc on a reverse proxy but I'm protecting APIs that are accessed by services that can't handle anything more complicated than basic auth.

score 0 · Answer 1 · answered Nov 02 '17 at 15:41

0

You should be able to statically add a header that provides the required Basic authentication information as documented in Apache2 Reverse Proxy to an end-point that requires BasicAuth but want to hide this from user

So it would look something like: RequestHeader set Authorization "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ=="

answered Nov 02 '17 at 15:41

Hans Z.

50,496
12
102
115

But that gives me one username/password for everyone that consumes my site. I'd still like the APIs to log in - multiple apps, one account per app, accessing one endpoint. – davgoo Nov 03 '17 at 16:28
you can use that header in a specific context such as a Location, Directory and virtual host – Hans Z. Nov 03 '17 at 17:08

Basic-style auth with mod_auth_openidc

1 Answers1