
[](http://travis-ci.org/oauth2-proxy/oauth2-proxy)
[](https://goreportcard.com/report/github.com/oauth2-proxy/oauth2-proxy)
[](https://godoc.org/github.com/oauth2-proxy/oauth2-proxy)
[](./LICENSE)
[](https://codeclimate.com/github/oauth2-proxy/oauth2-proxy/maintainability)
[](https://codeclimate.com/github/oauth2-proxy/oauth2-proxy/test_coverage)
A reverse proxy and static file server that provides authentication using Providers (Google, GitHub, and others)
to validate accounts by email, domain or group.
**Note:** This repository was forked from [bitly/OAuth2_Proxy](https://github.com/bitly/oauth2_proxy) on 27/11/2018.
Versions v3.0.0 and up are from this fork and will have diverged from any changes in the original fork.
A list of changes can be seen in the [CHANGELOG](CHANGELOG.md).
**Note:** This project was formerly hosted as `pusher/oauth2_proxy` but has been renamed as of 29/03/2020 to `oauth2-proxy/oauth2-proxy`.
Going forward, all images shall be available at `quay.io/oauth2-proxy/oauth2-proxy` and binaries will be named `oauth2-proxy`.

## Installation
1. Choose how to deploy:
a. Download [Prebuilt Binary](https://github.com/oauth2-proxy/oauth2-proxy/releases) (current release is `v7.3.0`)
b. Build with `$ go get github.com/oauth2-proxy/oauth2-proxy/v7` which will put the binary in `$GOROOT/bin`
c. Using the prebuilt docker image [quay.io/oauth2-proxy/oauth2-proxy](https://quay.io/oauth2-proxy/oauth2-proxy) (AMD64, PPC64LE, ARMv6, ARMv8 and ARM64 available)
Prebuilt binaries can be validated by extracting the file and verifying it against the `sha256sum.txt` checksum file provided for each release starting with version `v3.0.0`.
```
sha256sum -c sha256sum.txt 2>&1 | grep OK
oauth2-proxy-x.y.z.linux-amd64: OK
```
2. [Select a Provider and Register an OAuth Application with a Provider](https://oauth2-proxy.github.io/oauth2-proxy/docs/configuration/oauth_provider)
3. [Configure OAuth2 Proxy using config file, command line options, or environment variables](https://oauth2-proxy.github.io/oauth2-proxy/docs/configuration/overview)
4. [Configure SSL or Deploy behind a SSL endpoint](https://oauth2-proxy.github.io/oauth2-proxy/docs/configuration/tls) (example provided for Nginx)
## Security
If you are running a version older than v6.0.0 we **strongly recommend you please update** to a current version.
See [open redirect vulnerability](https://github.com/oauth2-proxy/oauth2-proxy/security/advisories/GHSA-5m6c-jp6f-2vcv) for details.
## Docs
Read the docs on our [Docs site](https://oauth2-proxy.github.io/oauth2-proxy/docs/).

## Getting Involved
If you would like to reach out to the maintainers, come talk to us in the `#oauth2-proxy` channel in the [Gophers slack](http://gophers.slack.com/).
## Contributing
Please see our [Contributing](CONTRIBUTING.md) guidelines. For releasing see our [release creation guide](RELEASE.md).
https://github.com/oauth2-proxy/oauth2-proxy
master
No items found.
Why Plural?
Open source
Plural is community-focused, open source, and free to use.
Deploy on Kubernetes
Deploy OSS on Kubernetes right on your own cloud.
No vendor lock-in
Eject your configuration whenever—no commitment necessary.
Day 2 operations
Application-specific runbooks and dashboards.
You might also like...
hydra
security
Low latency, high-throughput OAuth 2.0 and OpenID Connect provider.
kubescape
security
Multi-cloud K8s single pane of glass for security.
vault
security
Open-source identity-based secrets and encryption management system.