Stack Overflow
Stack Overflow

Questions tagged [google-iap]

Questions related to Google Cloud Identity Aware Proxy

134 questions
16
votes
5 answers

IAP tunnel to VM

I’ve a question regarding Compute VM and its associated privileges. I have ‘Owner’ privileges at Project level. I created a VM but was not able to assign an external IP address to it. Upon referring to google cloud docs, it appears that I’ll still…
Shiva
  • 161
  • 1
  • 1
  • 3
14
votes
2 answers

Serve content from a Google Cloud Storage bucket using Identity-Aware Proxy (IAP)

I have some content in a GCS bucket: $ gsutil ls gs://my-bucket index.html I'd like to serve this behind OAuth using Identity-Aware Proxy (IAP). I'm following these instructions. I've created a load balancer and and "backend bucket" like so: On…
danvk
  • 15,863
  • 5
  • 72
  • 116
8
votes
3 answers

Programmatic access from a service account to a Google IAP protected resource denied with invalid signature error

I recently enabled IAP in GKE cluster. Cluster Version: 1.15.11-gke.11 I followed the instructions here: https://cloud.google.com/iap/docs/enabling-kubernetes-howto Service config is as follows: --- apiVersion: cloud.google.com/v1beta1 kind:…
Byungjoon Lee
  • 913
  • 6
  • 18
6
votes
1 answer

Enable CORS with Google IAP

I'm are trying make an ajax call to my web api server from a third party JavaScript integration. However after enabling IAP on my API server, I'm unable to make the calls to my web apis from my integration server. I have added my integration server…
Feroz Shaikh
  • 61
  • 1
  • 2
6
votes
1 answer

IAP Signed Headers & AppEngine Standard Python 3.7 Runtime

Is it necessary to validate signed headers from IAP in the AppEngine Standard Python 3.7 runtime? The IAP documentation is silent on specifics for the Python 3.7 runtime. The IAP documentation says: AppEngine Standard should use the Users…
rxs-bjw
  • 111
  • 7
6
votes
2 answers

Google Cloud Identity Aware Proxy (IAP) Force logout

I'm trying to work out how to logout a user which is using an application behind Google IAP The end goal is to be able to bounce the user right back to the initial process they completed the first time they visited the site (i.e. they cannot access…
jwmoxk
  • 61
  • 1
  • 2
6
votes
1 answer

Cookie or header to send own API to prevent Google Cloud Identity Aware Proxy (IAP) 302?

I have setup Cloud IAP on a development environment (spun up with Kubernetes and using Let's Encrypt) and everything is working fine. The setup is pretty basic for this app: 1) An API that has a number of REST endpoints and a persistent data store,…
Cameron
  • 1,524
  • 11
  • 21
5
votes
3 answers

Can you use IAP to log in to Firebase?

I have an angular app that is protected with Identity Aware Proxy (IAP). I am trying to add Firebase to this app in order to use firestore for a component using AngularFire. I don't want to make the user log in twice, so I thought about using IAP to…
Andy
  • 380
  • 3
  • 16
5
votes
1 answer

GCP IAP There was a problem with your request. Error code 11

I configured Google Cloud IAP for AppEngine, and then, when I try to access my app, I login to my google account, and I am redirected to this…
Mehdi Benmoha
  • 3,694
  • 3
  • 23
  • 43
5
votes
1 answer

Google Cloud IAP, authorisation with bearer token gives error code 13 and app engine instance is never reached

I am trying to setup cloud IAP for an application hosted in the Google cloud. Logging in to the application works well via the web, and you are redirected to the Google authentication page, and redirected back to the website, with a session token…
Hampus Nilsson
  • 6,692
  • 1
  • 25
  • 29
5
votes
1 answer

How can I access an IAP protected resource using Python?

How can I access an IAP protected resource using Python? More specifically I'd like to generate the Bearer token needed in the Authorization header to make calls to the IAP protected resource. I have created a service account, given it "IAP-Secured…
Ztyx
  • 14,100
  • 15
  • 78
  • 114
4
votes
2 answers

Is it possible to provide a public access for a specific endpoint for a service under Identity aware proxy?

I have a service in Google Cloud App engine, which is behind IAP. It is accessible only to users within my organisation. I need to make a few endpoints of this service accessible for all users. Is it possible to achieve? I have found an instruction,…
Pavel Botsman
  • 773
  • 1
  • 11
  • 25
4
votes
1 answer

What does the x-goog-iap-generated-response header mean?

I am trying to connect to an IAP secured service on Google AppEngine, and when I authenticate my service account, I get a 401 Unauthorized response from the server, and in the headers I get the x-goog-iap-generated-response header set to true. Does…
Mehdi Benmoha
  • 3,694
  • 3
  • 23
  • 43
4
votes
2 answers

How to authenticate programmatically to a Cloud Identity-Aware Proxy (Cloud IAP)-secured resource using user default credentials?

I would like to be able to programmatically generate an id token for iap using the user default credential on a dev environment (i.e. my own laptop with google cloud sdk installed and logged in). When following the documentation, I managed to…
Baptiste Desbiolles
  • 41
  • 1
  • 5
4
votes
0 answers

programatically enable IAP (Identity Aware Proxy) for google cloud

I'm trying to work out a way to programatically enable the IAP (Identity Aware Proxy) for our apps on GKE (Google Kubernetes Engine). In order to do this I first have to create an "OAuth 2.0 client ID". Using developer tools I was able to get this…
Andrew Holway
  • 189
  • 2
  • 13
1
2 3
8 9