I have the following router:
[http.routers.ipam] entryPoints = ["https"] rule = "Host(`ipam.example.com`)" service = "ipam" [http.routers.ipam.tls]
and this is the SSO middleware I used for all other routes:
[http.middlewares.sso_auth.forwardAuth] address = "https://auth.example.com/api/verify?rd=https://auth.example.com" authResponseHeaders = ["Remote-User", "Remote-Groups", "Remote-Name"] trustForwardHeader = true
Despite the fact that the middleware isn't specified on the route, the following happens:
- When I visit ipam.example.com in a browser, it skips the middleware
- When I use a programmatic method (such as ipam.example.com/api calls with Python), it uses the middleware.
Is there a misconfiguration somewhere in there causing non-browser requests to use the middleware?