I'm trying to authenticate against AAD (Azure Active Directory) with oauth2_proxy used in Kubernetes to obtain Access Token.
First of all, I'm struggling to get the correct authentication flow to work.
Second, after being redirected to my application, Access Token is not in the request headers specified in oauth2_proxy documentation.
Here is some input on authentication against Azure Active Directory (AAD) using oauth2_proxy in kubernetes.
First you need to create an application in AAD and add it
email
,profile
andUser.Read
permissions to Microsoft Graph.The default behavior of authentication flow, is that after login against Microsoft authentication server, you will be redirected to root of website with authentication code (e.g.
https://exampler.com/
). You would expect the Access Token to be visible there -this is a faulty assumption. The url that Access Token is injected into ishttps://exampler.com/oauth2
!!!Successful configuration of oauth2_proxt that worked is below.
oauth2-proxy.yaml
ingress.yaml