The Ingress controller is an ideal location for centralized authentication and authorization in Kubernetes. We show how to implement single sign-on with NGINX Ingress Controller as the relaying party and Okta as the identity provider in the OIDC Authorization Code Flow.
Announcing NGINX Plus R23
NGINX Plus R23 introduces new features including health checks for backend gRPC servers, unprivileged installation, support for the OpenID Connect PKCE extension, finer-grained control over TLS connections, a new method of setting cookie flags, and NGINX JavaScript enhancements.
Announcing NGINX Plus R22
NGINX Plus R22 introduces new features including support for OCSP to verify certificate revocation for mutual TLS, use of multiple OIDC IdPs in a configuration, real-time tracking of request and connection limiting on the NGINX Plus dashboard, and NGINX JavaScript enhancements.
Using NGINX Plus Ingress Controller for Kubernetes with OpenID Connect Authentication from Azure AD
In this blog we show how to use NGINX Plus for OpenID Connect (OIDC) authentication of applications behind the Ingress in a Kubernetes environment. We provide instructions for all components: Azure as the identity provider, Kubernetes, Docker, NGINX Plus, and a sample application.
Ask NGINX | May 2019
In this installment of our "Ask NGINX" series, we discuss UDP health checks, having NGINX Plus verify JWTs generated with Microsoft Active Directory, performing client certificate-based authentication for IIS servers, and obtaining metrics for website visits or page views.
Announcing NGINX Plus R18
NGINX Plus R18 introduces dynamic loading of SSL/TLS certificates, enhances our OpenID Connect reference implementation, and supports port ranges for virtual servers. It also includes enhancements to the key-value store, health checks, NGINX Plus clustering, and the NGINX JavaScript module.
Announcing NGINX Plus R17
NGINX Plus R17 introduces support for two-stage rate limiting and TLS 1.3, the latest version of the Transport Layer Security protocol. Configuration of OpenID Connect is simpler and NGINX ModSecurity WAF is 2x faster than before. The NGINX JavaScript module has also been updated.
Announcing NGINX Plus R15
NGINX Plus R15 introduces native gRPC proxying (used by Istio and other service mesh architectures), HTTP/2 server push, state sharing in a cluster, API gateway enhancements, OpenID Connect integration, NGINX JavaScript (njs) module enhancements, a new ALPN variable, dynamic module updates, and more.
Authenticating Users to Existing Applications with OpenID Connect and NGINX Plus
NGINX Plus R10 adds support for the JSON Web Token (JWT) standard. Learn how to use JWTs and OpenID Connect to control access to your applications.
