Legacy apps authentication? #12105
-
|
Hello, What is the recommended approach so that users don't have to login multiple times - first to Teleport, and then once for every web application? That's not great for the user experience. Should I investigate into what and how authentication headers are used by the applications. and then try to forge them via |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
|
The best supported way to do this is to use apps which have JWT support, or can add it via a plugin. Many apps like Grafana and Jenkins can do exactly this, and that allows Teleport to pass authentication information directly through to them. See the documentation here: https://goteleport.com/docs/application-access/guides/jwt/ If no JWT plugins are available, you might try injecting authentication headers in the way you described - although this is less secure. |
Beta Was this translation helpful? Give feedback.
-
|
Thank you @webvictim ! I will look into that. |
Beta Was this translation helpful? Give feedback.
The best supported way to do this is to use apps which have JWT support, or can add it via a plugin. Many apps like Grafana and Jenkins can do exactly this, and that allows Teleport to pass authentication information directly through to them. See the documentation here: https://goteleport.com/docs/application-access/guides/jwt/
If no JWT plugins are available, you might try injecting authentication headers in the way you described - although this is less secure.