+- Jellyfin Forum (https://forum.jellyfin.org)
+-- Forum: Support (https://forum.jellyfin.org/f-support)
+--- Forum: General Questions (https://forum.jellyfin.org/f-general-questions)
+--- Thread: Help with authentication provided by reverse proxy (/t-help-with-authentication-provided-by-reverse-proxy)
Help with authentication provided by reverse proxy - jose1711 - 2024-11-03
Hello,
following https://blog.sjain.dev/caddy-sso/ I started to migrate my services behind Caddy reverse proxy with a SSO configured. For Jellyfin I did something like this (Caddyfile):
Code:
{
..
security {
authorization policy admin_policy {
set auth url https://portal.mydomain.com
allow roles authp/admin
}
}
}
jellyfin.mydomain.com {
authorize with admin_policy
reverse_proxy http://localhost:8096
}When accessing https://jellyfin.mydomain.com I am redirected to https://portal.mydomain.com where I am queried for credentials (configured inside Caddy's local store) and once validated I am redirected back and presented with Jellyfin login window. Here I need to log in once more.
Is there a way to tell Jellyfin - that a user foo is a valid user and his/her identity has been proven already? I saw several questions floating on the forums/github but could not find a definitive answer whether this is supported or not.
Thanks, j
RE: Help with authentication provided by reverse proxy - crobibero - 2024-11-04
You would need to use something like the SSO plugin. https://github.com/9p4/jellyfin-plugin-sso
RE: Help with authentication provided by reverse proxy - jose1711 - 2024-11-05
This would be too much, I am looking for a header authentication but it seems this is not yet supported (as per https://features.jellyfin.org/posts/471/header-authentication)
RE: Help with authentication provided by reverse proxy - jose1711 - 2024-11-09
Eventually I used Caddy with Authelia (https://www.authelia.com/integration/openid-connect/jellyfin/) and SSO plugin you mentioned.