Stack Overflow
Stack Overflow

Questions tagged [identity-aware-proxy]

68 questions
5
votes
1 answer

Trouble authorizing access to App Engine via IAP

I currently have App Engine up and running, protected by IAP, and my eventual aim is to have this be triggered by an Apps Script project. I've tested the code without IAP and it works fine. However, I'm running into difficulties successfully…
lblnd
  • 83
  • 4
3
votes
1 answer

Service to service requests on App Engine with IAP

I'm using Google App Engine to host a couple of services (a NextJS SSR service and a backend API built on Express). I've setup my dispatch.yaml file to route /api/* requests to my API service and all other requests get routed to the default (NextJS)…
Matt Bise
  • 63
  • 1
  • 5
3
votes
1 answer

How to protect Google Cloud Functions with Identity-Aware-Proxy

I'm having trouble protecting my Google Cloud Function with the Identity-Aware-Proxy. I'm still getting the "You don't have access" screen after the OAuth Consent screen even though I've done all steps as I understood them from the documentation…
Simon Knittel
  • 1,730
  • 3
  • 15
  • 24
3
votes
1 answer

GCP Kubernetes: Ingress and external load balancer with IAP lots of open ports scanning nmap

I have a k8s cluster running a Service behind an Ingress with an external HTTPS load balancer and I have Identity-aware proxy protecting my system. The ingress has a public IP and when I scan it with nmap I see the following open ports: PORT …
Furbeenator
  • 8,106
  • 4
  • 46
  • 54
3
votes
2 answers

Unable to enable CORS requests to a Google App Engine IAP

Signing in users with external identities from Safari and Brave is not working. The workaround for Safari is to disable Prevent cross-site tracking in the setting menu. There is another option using gcloud iap settings set as explained in…
Shi nik
  • 31
  • 1
3
votes
4 answers

How to run a Cloud Scheduler job with App Engine HTTP when protected by IAP

I have a Python app on Google App Engine Standard which is secured using Google Cloud Identity Aware Proxy (IAP). I would like to trigger a part of my app every day by using Cloud Scheduler. (It is calling an API, doing calculations, and stores…
tim
  • 103
  • 2
  • 6
3
votes
2 answers

How do you enable CORS requests to a Google Compute Engine IAP enabled Load Balancer?

GCP allows external HTTPS load balancers to be protected by Identity Aware Proxy (IAP), using your google account credentials to protect the web server behind the load balancer. This an easy way to protect web services you want to use internally.…
Andrew Ring
  • 3,185
  • 1
  • 23
  • 28
2
votes
1 answer

Postman - Access API that secured by Authentication: Bearer Token behind Google Identity Aware Proxy

Background: I have an API that previously running behind VPN. The API it self implement JWT Authentication for some path, so we have to attach: Authorization: Bearer We just update our API to run behind Google Identity Aware Proxy…
roman
  • 788
  • 1
  • 10
  • 23
2
votes
0 answers

How to hide Cloud Run behind Identity-Aware Proxy without a domain name for the load balancer?

I followed the docs (Setting up a load balancer with Cloud Run, and Setting up an external HTTPS load balancer) and successfully enabled IAP on a load balancer, which has Cloud Run as a backend. It seems that for IAP to work, the frontend of the…
Alexis VIALARET
  • 21
  • 2
2
votes
2 answers

Google Cloud Platform and Terraform to protect App Engine with Identity Aware Proxy IAP

It's around three days that I'm getting crazy trying to secure via Terraform my App Engine. When I secure my application manually through GCP console my steps are: Create App Engine Activate IAP and create an OAuth consent screen Activate the…
letscloud
  • 85
  • 2
  • 7
2
votes
1 answer

How to access already authenticated user from web application behind Google Identity Aware Proxy?

I have a web application which sits behind Google's Identity Aware Proxy (IAP). IAP authenticates the user before forwarding to my web application. How can I access the already authenticated user from my web application? In Getting the user's…
Edward J. Stembler
  • 1,932
  • 4
  • 30
  • 53
2
votes
1 answer

How to enable IAP on a subdomain in App Engine?

I wanted to know whether it is possible to enable IAP OAuth for App Engine but for a subdomain or a subfolder. I have already enabled it for the domain, but I don't want it to show up for the entire website. For example: I want to use IAP secured…
Antariksh Pratham
  • 29
  • 4
2
votes
1 answer

How to get user groups or roles from Identity Aware Proxy in a MERN stack app

I have a use case where I have 2 apps: React SPA frontend, running on web.myportal.example Node Express backend, exposing a REST api on api.myportal.example Both apps are deployed into GCP Compute Engine and are accessible from the Internet. I was…
Alex
  • 459
  • 4
  • 16
2
votes
2 answers

Using Google IAP through custom domain on App Engine

Enabling a custom domain on an App Engine service is now a breeze, so is enabling IAP (Google Identity-Aware Proxy) But, I can't figure out how to get IAP and my custom domain to work together! both https://myservice-dot-myapplication.appspot.com…
Clorichel
  • 1,940
  • 1
  • 13
  • 24
1
vote
0 answers

Connect to IAP protected endpoint with Workload Identity Federation

I'm trying to create setup where I can run my code that will impersonate SA based on Workload Identity Federation and then call IAP protected endpoint (running on Cloud Run). I've managed to do such setup with Python library but I'm unable to do it…
michajas
  • 347
  • 1
  • 5
  • 16
1
2 3 4 5