I'm using oauth with microsoft, but I need some api routes to be reached without auth. Webhooks for example.
I there a way to do this with ngrok or any other tunneling provider (Cloudflare etc)?
Here's my current ngrok yml
version: "2"
authtoken: token
tunnels:
default:
proto: http
addr: https://localhost:5050
host_header: "https://localhost:5050"
schemes:
- https
domain: my-ngrok-website.ngrok-free.app
oauth:
provider: "microsoft"
allow_domains: ["company.com",]
Disclaimer: I work at ngrok.
This is possible today with HTTP Edges, specifically setting up routes for the paths (or prefixes) you care about, and the OAuth module on whatever routes you want to protect. Your agent configuration will look a bit different, using labeled tunnels.
We understand this is a bit confusing. We're currently working on bringing the OAuth (and OIDC/SAML) functionality to our Traffic Policy, which we expect to be more streamlined.
If you've got any questions along the way, feel free to contact our support team!