Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Trusted Header Authentication #6197

Open
dakriy opened this issue Oct 15, 2024 · 3 comments
Open

Trusted Header Authentication #6197

dakriy opened this issue Oct 15, 2024 · 3 comments
Labels
authentication

Comments

@dakriy
Copy link

dakriy commented Oct 15, 2024
edited
Loading

Is your feature request related to a problem?

This is related to #1188, but the solution provided in the enterprise plan is much more enterprise oriented and does not meet some of the needs that I have or that others voiced in that ticket. It would be nice to support simple trusted header auth (like what Authelia provides) without having to go to the SigNoz login page. I implemented all of the code already and don't want to maintain my own separate fork and thought other self hosters that don't have the extra cash to spare on an enterprise plan like myself could benefit. This functionality is not currently in any enterprise plan and it would serves a hobbyist need rather than the more organizational focused needs provided in the enterprise plan.

Describe the solution you'd like

Allow for simple trusted header login without showing the login page configured with environment variables (no GUI needed). This solution is already mostly implemented and working on my local dev machine.

Describe alternatives you've considered

  • Paying for an enterprise plan (I'm poor and doesn't meet my needs).
  • Maintaining my own fork :(
  • Opening up a self-hosted hobbyist SigNoz instance to the world wide web. I don't like having many different username/passwords on many different logins across my services. Also I like to protect all my services behind a more security focused trustworthy gateway as I have seen multiple 0-days occur with services I have run where having them under one single roof has prevented my home lab from getting hacked. Additionally, it is easier for people who don't keep up with movements in the security world and limited time to be pedantic about keeping one important auth service up to date rather than everything.
  • Having 2 login pages. Really annoying

Thank you guys for this project! I am loving it so far!
@welcome Welcome
Copy link

welcome bot commented Oct 15, 2024

Thanks for opening this issue. A team member should give feedback soon. In the meantime, feel free to check out the contributing guidelines.

@dakriy dakriy changed the title Simple External Auth Flow Support Trusted Header Authentication Oct 15, 2024
@dblundell
Copy link

@dakriy are you happy to share the pull request for this feature? I also would greatly prefer to have a dedicated security focused auth gateway in front of all services. I'm happy to help maintain it on a public repo if it doesn't get merged.

@mgilham mgilham mentioned this issue Jan 15, 2025
Open
@mgilham
Copy link

mgilham commented Jan 15, 2025

@dblundell @dakriy I opened #6825 as a starting point.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
authentication
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@pranay01 @dblundell @mgilham @dakriy