# Vouch Proxy configuration # bare minimum to get Vouch Proxy running with OpenID Connect (such as okta) vouch: # domains: # valid domains that the jwt cookies can be set into # the callback_urls will be to these domains domains: - yourdomain.com - yourotherdomain.com # - OR - # instead of setting specific domains you may prefer to allow all users... # set allowAllUsers: true to use Vouch Proxy to just accept anyone who can authenticate at the configured provider # and set vouch.cookie.domain to the domain you wish to protect # allowAllUsers: true cookie: # allow the jwt/cookie to be set into http://yourdomain.com (defaults to true, requiring https://yourdomain.com) secure: false # vouch.cookie.domain must be set when enabling allowAllUsers # domain: yourdomain.com oauth: # Generic OpenID Connect # including okta provider: oidc client_id: xxxxxxxxxxxxxxxxxxxxxxxxxxxx client_secret: xxxxxxxxxxxxxxxxxxxxxxxx auth_url: https://{yourOktaDomain}/oauth2/default/v1/authorize token_url: https://{yourOktaDomain}/oauth2/default/v1/token user_info_url: https://{yourOktaDomain}/oauth2/default/v1/userinfo scopes: - openid - email - profile callback_url: http://vouch.yourdomain.com:9090/auth