How to implement istio authorization using oauth2 and keycloak

Krishnan · August 18, 2022, 3:55pm

The redirection issue solved by updating authorization policy

apiVersion: security.istio.io/v1beta1
kind: AuthorizationPolicy
metadata:
  name: example-auth-policy
  namespace: istio-system
spec:
  action: CUSTOM
  provider:
    name: "oauth2-proxy"
  rules:
  - to:
    - operation:       
        paths: ["/app"]
        notPaths: ["/oauth2/*"]
  selector:
    matchLabels:
      app: istio-ingressgateway

Added istio-system namespace instead of workload namespace (it was default in my case)
Forgot to add matchLabels.

Topic		Replies	Views
How to implement istio authorization based on keycloak user role Security	1	3730	August 24, 2022
Oauth2-proxy - RBAC: access denied - redirect works Security security	1	2524	August 27, 2021
Istio+oauth2-proxy+keycloak. Policies not working Security	5	1883	July 21, 2023
How to use keycloak for RequestAuthentication in Istio 1.6.3?	1	2961	July 7, 2020
Looking for working example for Istio - 1.9.2 and KeyCloak for External Authorization Security	1	2211	April 9, 2021

How to implement istio authorization using oauth2 and keycloak

Related topics