Peter Triebe a301bcc174 feat: add trusted issuer prefix support for dynamic JWT verification ... Add a new --trusted-issuer-prefix flag that allows configuring issuer URL prefixes paired with audiences. Any JWT whose issuer starts with a configured prefix will be dynamically verified via OIDC discovery. This is useful for multi-tenant setups (e.g. Keycloak realms) where each tenant has a unique issuer URL under a common prefix, eliminating the need to enumerate every issuer individually. Signed-off-by: Peter Triebe <peter.triebe@de.bosch.com>		2026-05-22 16:06:12 +02:00
..
apis	feat: add trusted issuer prefix support for dynamic JWT verification	2026-05-22 16:06:12 +02:00
app	Merge commit from fork	2026-04-13 18:22:56 +02:00
authentication	fix: hmacauth dependency licensing issue (#3253)	2025-11-09 20:14:54 +01:00
cookies	Merge commit from fork	2026-04-13 18:22:56 +02:00
encryption	fix alpha config	2025-11-16 22:38:40 +01:00
header	revert: secrets as []byte instead of string	2025-11-16 22:38:42 +01:00
ip	Merge commit from fork	2026-04-13 18:22:56 +02:00
logger	Request ID Logging (#1087)	2021-03-21 18:20:57 +00:00
middleware	Merge commit from fork	2026-04-13 18:22:56 +02:00
providers	feat: add trusted issuer prefix support for dynamic JWT verification	2026-05-22 16:06:12 +02:00
proxyhttp	feat: add support for setting a unix binding's socket file mode (#3376)	2026-03-19 00:08:50 +08:00
requests	Merge commit from fork	2026-04-13 18:29:01 +02:00
sessions	feat: add same site option for csrf cookies (#3347)	2026-03-18 23:14:36 +08:00
upstream	Merge commit from fork	2026-04-13 18:22:56 +02:00
util	feat: allow arbitrary claims from the IDToken and IdentityProvider UserInfo endpoint to be added to the session state (#2685)	2026-03-14 12:04:33 +08:00
validation	feat: add trusted issuer prefix support for dynamic JWT verification	2026-05-22 16:06:12 +02:00
version	feat: Replace default Go user-agent with oauth2-proxy and version (#2570)	2024-07-14 21:09:17 +01:00
watcher	Fix Linting Errors (#1835)	2022-10-21 11:57:51 +01:00