73°F

Aaron Parecki

  • Articles
  • Notes
  • Photos
  • certified post-corporate hellscape solutions https://twitter.com/4c4d   •   Jul 23
    Google, Azure, AWS all have the concept of the identity aware proxy, which is something that inspects the jwt/token and denies access if it's not valid. I've used GCP's, and it's pretty well featured, but the other providers should be reasonable as well (it's a common feature)
    Aaron Parecki
    That's exactly what I want, but is there anything lighter weight than those platforms? It feels way overkill. I can't find a corresponding feature in Netlify or Heroku for example though.
    Portland, Oregon • 83°F
    Fri, Jul 23, 2021 3:20pm -07:00
    8 replies
    • John Patrick Dandison ☁☁☁ twitter.com/AzureAndChill
      Awesome!
      Sat, Jul 24, 2021 12:42am +00:00 (via brid.gy)
    • Aaron Parecki twitter.com/aaronpk
      Yup, that was it! Thanks for the reminder! This works great.
      Sat, Jul 24, 2021 12:34am +00:00 (via brid.gy)
    • Aaron Parecki twitter.com/aaronpk
      oh well that could very well be the missing piece here!
      Sat, Jul 24, 2021 12:24am +00:00 (via brid.gy)
    • John Patrick Dandison ☁☁☁ twitter.com/AzureAndChill
      Using the standard tier, correct? I think the paid one is required for byo
      Sat, Jul 24, 2021 12:21am +00:00 (via brid.gy)
    • Aaron Parecki twitter.com/aaronpk
      Managed to get pretty far with this approach, but got hung up on this issue if you have any thoughts: github.com/aaronpowell/sw…
      Sat, Jul 24, 2021 12:17am +00:00 (via brid.gy)
    • Aaron Parecki twitter.com/aaronpk
      This is promising, thanks, I am going to check it out.
      Fri, Jul 23, 2021 11:05pm +00:00 (via brid.gy)
    • John Patrick Dandison ☁☁☁ twitter.com/AzureAndChill
      Azure static web apps has auth proxy built in and is pretty lightweight, $9 to byo oidc. Or an az function proxy and use easyauth/write a couple of methods to handle the redirect and code redemption. That's free under 1m executions
      Fri, Jul 23, 2021 10:41pm +00:00 (via brid.gy)
    • certified post-corporate hellscape solutions twitter.com/4c4d
      idk i know heroku has their own local identity introspection implementation but i know nothing about it
      Fri, Jul 23, 2021 10:22pm +00:00 (via brid.gy)
Posted in /replies using quill.p3k.io

Hi, I'm Aaron Parecki, Director of Identity Standards at Okta, and co-founder of IndieWebCamp. I maintain oauth.net, write and consult about OAuth, and participate in the OAuth Working Group at the IETF. I also help people learn about video production and livestreaming. (detailed bio)

I've been tracking my location since 2008 and I wrote 100 songs in 100 days. I've spoken at conferences around the world about owning your data, OAuth, quantified self, and explained why R is a vowel. Read more.

  • Director of Identity Standards at Okta
  • IndieWebCamp Founder
  • OAuth WG Editor
  • OpenID Board Member

  • 🎥 YouTube Tutorials and Reviews
  • 🏠 We're building a triplex!
  • ⭐️ Life Stack
  • ⚙️ Home Automation
  • All
  • Articles
  • Bookmarks
  • Notes
  • Photos
  • Replies
  • Reviews
  • Trips
  • Videos
  • Contact
© 1999-2025 by Aaron Parecki. Powered by p3k. This site supports Webmention.
Except where otherwise noted, text content on this site is licensed under a Creative Commons Attribution 3.0 License.
IndieWebCamp Microformats Webmention W3C HTML5 Creative Commons
WeChat ID
aaronpk_tv