74°F

Aaron Parecki

  • Articles
  • Notes
  • Photos
  • Jason Lengstorf https://twitter.com/jlengstorf   •   Jul 23
    can you say more about what the ideal workflow is? if you can set a cookie, you can allow/deny access based on cookie presence https://docs.netlify.com/routing/redirects/redirect-options/#redirect-by-cookie-presence
    Aaron Parecki
    Ideally I'd have something like a Netlify function run on every incoming request to check the presence of a cookie, validate it, and based on the result, either send an HTTP redirect to start an OIDC flow, or return the static file requested.
    Portland, Oregon • 83°F
    Fri, Jul 23, 2021 3:32pm -07:00
    5 replies
    • Jo Wouters twitter.com/jowouters
      No, don't think they have solved that yet... :-/ (I should have reread your original question completely "so that I can tie to an arbitrary OpenID Connect provider")
      Sun, Jul 25, 2021 8:49pm +00:00 (via brid.gy)
    • Aaron Parecki twitter.com/aaronpk
      That's promising, but can I use an external OpenID Connect IDP for that? I don't want to manage users in Netlify
      Fri, Jul 23, 2021 11:03pm +00:00 (via brid.gy)
    • Jo Wouters twitter.com/jowouters
      In that case you could move the whole static site to a specific directory that is protected via a _redirects definition ? Access is only granted to a specific role. docs.netlify.com/visitor-access… Roles can be set via Identity
      Fri, Jul 23, 2021 11:02pm +00:00 (via brid.gy)
    • Aaron Parecki twitter.com/aaronpk
      That won't work, I need to prevent access to the files entirely if the user isn't logged in.
      Fri, Jul 23, 2021 10:37pm +00:00 (via brid.gy)
    • Jo Wouters twitter.com/jowouters
      Have you tried Snippet Injection? docs.netlify.com/site-deploys/p… You could inject the Identity code in your static code identity.netlify.com
      Fri, Jul 23, 2021 10:35pm +00:00 (via brid.gy)
Posted in /replies using quill.p3k.io

Hi, I'm Aaron Parecki, Director of Identity Standards at Okta, and co-founder of IndieWebCamp. I maintain oauth.net, write and consult about OAuth, and participate in the OAuth Working Group at the IETF. I also help people learn about video production and livestreaming. (detailed bio)

I've been tracking my location since 2008 and I wrote 100 songs in 100 days. I've spoken at conferences around the world about owning your data, OAuth, quantified self, and explained why R is a vowel. Read more.

  • Director of Identity Standards at Okta
  • IndieWebCamp Founder
  • OAuth WG Editor
  • OpenID Board Member

  • 🎥 YouTube Tutorials and Reviews
  • 🏠 We're building a triplex!
  • ⭐️ Life Stack
  • ⚙️ Home Automation
  • All
  • Articles
  • Bookmarks
  • Notes
  • Photos
  • Replies
  • Reviews
  • Trips
  • Videos
  • Contact
© 1999-2025 by Aaron Parecki. Powered by p3k. This site supports Webmention.
Except where otherwise noted, text content on this site is licensed under a Creative Commons Attribution 3.0 License.
IndieWebCamp Microformats Webmention W3C HTML5 Creative Commons
WeChat ID
aaronpk_tv