Hello, I am using oathkeeper as api decision engine. I am trying to configure oathkeeper with nginx ingress controller in kubernetes but no luck so far. I want to protect a backend service "_*manager-service*_" that has a method GET/managers I have already added the /auth-url annotation in ingress yml on the service i need to protect like this:

<http://nginx.ingress.kubernetes.io/auth-url|nginx.ingress.kubernetes.io/auth-url>: "<http://ory-oathkeeper.test.svc.cluster.local:4456/decisions/managers/>"

I guess i need to add the host of backend service in the header as well for this to work, is that correct ?

Maybe @worried-kitchen-94392 can help with this

hi there, sorry but i am not 100% sure i understand your problem 😕 If you are using our charts, then the ingress rule should be created for you: https://github.com/ory/k8s/blob/master/helm/charts/oathkeeper/templates/ingress-api.yaml

I have applied a rule to allow all requests to

<http://manager.fid.com/managers|manager.fid.com/managers>

Now i am trying to configure the nginx in the ingress of manager-service to make an external auth request to oathkeeper url, but as i understand i need to send the host of manager-service in header so rules can be applied

<http://nginx.ingress.kubernetes.io/auth-url|nginx.ingress.kubernetes.io/auth-url>: <http://ory-oathkeeper.ssi-test.svc.cluster.local:4456/decisions/managers/>

<http://nginx.ingress.kubernetes.io/auth-snippet|nginx.ingress.kubernetes.io/auth-snippet>: |

proxy_set_header Host <http://manager.fid.com/|manager.fid.com/>;

Correct me if i am wrong please