Hi all! Is it possible to setup access rules such ...
# talk-oathkeeper
p
Hi all! Is it possible to set up access rules such that we have the same URL for a guest user (non-logged-in user) and a logged-in user, and Oathkeeper can pass certain header(s) to the backend to return different data based on the header? I am using Kratos for authentication, if that helps.
d
Hello. What kind of data do you expect to receive in both cases? Maybe I can help you with the configuration
p
Backend can decide that based on whether user is logged in or not. For example, a content will have a preview mode if user is not logged in, but if logged in, they can see the full content
d
Okay. Here’s the example of configuration cookie_session with header mutator. You can check presence of X-User on your backend, and also it works fine with anonymous authenticator.
p
But how will it work in both cases at the same time?
You can either use cookie_session or use anonymous, can't use both.
Any suggestions here?
@damp-sunset-69236 please help
@damp-sunset-69236 pinging you one more time in case you are still around.
d
Hey. I’ll try to create a sample configuration later today
p
That'd be awesome. Thank you
d
X-User: 3c9d432f-624c-466e-840e-c5500ea37da7
That’s for authenticated user. Works fine on the backend. Here’s an example for unauthenticated user:
X-User: guest
configuration example
You can just add two authenticators and they work fine.
Oathkeeper does not support multiple configurations for authorizers, but works fine with multiple authenticators/mutators.
p
Thank you so much. That is exactly what I'm looking for I think. I will test it on our setup. Really appreciate taking time to do this.