Use Traefik as Authorization Middleware/Proxy

Hey there. I am using traefik for some private projects and some of them do not have (or I do not want to implement) authentication.

I am looking for a simple traefik plugin that allows me to enforce authentication for a specific service (and show or forward to a login page if not authenticated). The authentication would be done for example via Keycloak or google OpenID (JWT).

Are there plugins that do that?

Hi Tobias,

for some similar use cases I use oauth2-proxy. It's not a plugin - I put it in a chain between traefik and the service.
It works good with Keycloak (personally, I'd prefer any other solution over Keycloak, but there aren't many alternatives).
I could post a sample deployment tomorrow if there's interest.

Look into Traefik ForwardAuth middlewares (doc).Or the solution mentioned above.

I think there are easier auth solutions like authelia and authentik, maybe even newer zitadel. But what I read is that keycloak is really an enterprise solution, would not recommend that for home use.

That's right. I'd never use Keycloak at home.

Thanks. forward-auth does exactly what I need.