Stack Overflow
Stack Overflow

Questions tagged [google-cloud-identity-aware-proxy]

40 questions
2
votes
0 answers

Authentication config for cloud run behind IAP

I want to run a Cloud Run service behind an external HTTPS LB and IAP. After setting everything up, I still get a 403 Forbidden when trying to access the Service via the URL pointing to the LB (after IAP login pops up and I sign in). I presume this…
T0bz
  • 21
  • 2
2
votes
2 answers

Can't connect via IAP to GCP instance running Ubuntu 22.04 LST

I have IAP configured and use it to connect to several instances in GCP. All the pre-requisite permissions and firewall rules I should need are in place (IAP-secured Tunnel User, owner, security admin) and this works flawlessly on all other…
Ricky
  • 61
  • 7
2
votes
0 answers

GCP API Gateway : Authentication of already logged in Google Users

Our API gateway exposes a URL endpoint to load images etc. from a Cloud Run backend service. This URL endpoint is used by a user interface secured by Google's Identity Aware Proxy (IAP). Therefore, all requests to the URL endpoint come from already…
Ben
  • 290
  • 2
  • 17
2
votes
0 answers

How do I fix an "Unable to parse JWT" error on Identity Aware Proxy?

I am trying to use a cloud run endpoint through GCP's Identity Aware Proxy and all of a sudden the IAP endpoint started throwing an error: Invalid IAP credentials: Unable to parse JWT I am using the extension_google_sign_in_as_googleapis_auth…
Jeroen Schweitzer
  • 21
  • 3
2
votes
1 answer

Postman - Access API that secured by Authentication: Bearer Token behind Google Identity Aware Proxy

Background: I have an API that previously running behind VPN. The API it self implement JWT Authentication for some path, so we have to attach: Authorization: Bearer We just update our API to run behind Google Identity Aware Proxy…
roman
  • 788
  • 1
  • 10
  • 23
2
votes
1 answer

How to access already authenticated user from web application behind Google Identity Aware Proxy?

I have a web application which sits behind Google's Identity Aware Proxy (IAP). IAP authenticates the user before forwarding to my web application. How can I access the already authenticated user from my web application? In Getting the user's…
Edward J. Stembler
  • 1,932
  • 4
  • 30
  • 53
1
vote
0 answers

Allow IAP on applications running on Compute Engine

I currently have different web application running in Compute engine using an external IP.(everyone can connect and even login if they have the correct information) I would like to enable IAP to project those webpage. By enabling IAP for https…
rma
  • 11
  • 1
1
vote
0 answers

Missing cookie key/value from request headers in one iAP enabled App Engine instance but not the other

Context: 2 app engine (flex) node servers: identical configuration Both include the 3 commonly used key/values in the request headers x-goog-authenticated-user-email x-goog-authenticated-user-id x-goog-iap-jwt-assertion 1 of them consistently…
insta catering
  • 151
  • 2
  • 12
1
vote
1 answer

Identity Aware Proxy Page not showing my domain

I've setup my GCP App Engine app to use the Identity Aware Proxy (IAP) to limit which users can see/use my app. I followed these docs. However, when I navigate to my page the login screen says: "Sign in to continue to iap.googleapis.com". How do I…
joeltine
  • 1,610
  • 17
  • 23
1
vote
1 answer

Adding Google accounts to Cloud Identity Groups

I have Google identity with a domain example.com and have created a group, say my-admins@example.com. I can create users a-user@example.com and say another-user@example.com and add them to group my-admins@example.com. I have a Google Cloud…
plasmadrive
  • 31
  • 2
1
vote
2 answers

'gcloud alpha iap oauth-brands create' getting INVALID PARAMETER

For some reason I deleted so called brand entity at my gcloud console. Now I want to create new one using the command in the console: gcloud alpha iap oauth-brands create --application_title='EmojiRave' --support_email='rebelusgames@gmail.com' But…
Сергей Мацкевич
  • 11
  • 1
1
vote
0 answers

No resolver defined to resolve myipp.com in nginx on google cloud

My puprose is to use nginx as a proxy for another application and I get an error above and I get 502 badgateway when I try to access my app. My nginx configurations are shown below and I already unlinked the default nginx configurations but I still…
doksha
  • 47
  • 1
  • 2
  • 8
0
votes
0 answers

Managing Identity-Aware Proxy users with glcoud and/or Terraform

I have a project on Google Cloud Platform that's made up primarily of Kubernetes services and those are exposed to the public internet using an ingress, also defined in Kubernetes. Some services are protected by the Identity-Aware Proxy. Until now,…
mroach
  • 2,403
  • 1
  • 22
  • 29
0
votes
0 answers

Rundeck Community Version SSO with Google Accounts

Has anyone successfully enabled SSO with Rundeck Community version and Google accounts? From what I'm reading full SSO is only supported in the Enterprise version. In theory, you can configure the community version with pre-auth and it should work,…
Gary Turner
  • 189
  • 9
0
votes
0 answers

A big Problem with Cloud IAP - I need support

problem with IAP I used the option to open SSH terminal on the Cloud console to connect to VMs. 3 days before I created a new VM, configured it, tested the webserver and everything it was working normally UNTIL I decided stopped and started the…
Administrador Uniatitude
  • 1
1
2 3