New returns a new initialized Proxy.

NewTestProxy returns a test Proxy that uses an internal certificate manager instead of letsencrypt.

ReadConfig reads and validates a YAML config file.

Backend encapsulates the data of one backend.

BackendSSO specifies the identity parameters to use for a backend.

BWLimit is a named bandwidth limit configuration.

ClientAuth specifies how to authenticate and authorize the TLS client's identity.

Config is the TLS proxy configuration.

ConfigOIDC contains the parameters of an OIDC provider.

ConfigPasskey contains the parameters of a Passkey manager.

ConfigPKI defines the parameters of a local Certificate Authority.

ConfigSAML contains the parameters of a SAML identity provider.

LocalOIDCClient contains the parameters of one OIDC client that is allowed to connect to the local OIDC server.

LocalOIDCRewriteRule define how to rewrite existing claims or create new claims from existing ones.

LocalOIDCServer is used to configure a local OpenID Provider to authenticate users with backend services that support OpenID Connect.

PathOverride specifies different backend parameters for some path prefixes.

Proxy receives TLS connections and forwards them to the configured backends.