Custom CA support for Auth/SSO in ui-server
Is your feature request related to a problem? Please describe.
When using a self-hosted SSO Provider (i.e. Keycloak) that is set up with a TLS certificate signed by a custom internal Certificate Authority, it is currently impossible to provide the CA certificate to the auth module to verify the certificate.
This makes configuration of SSO in this situation impossible.
Describe the solution you'd like
Implement a way to provide a CA certificate to the auth module through configuration / environment values, similar to the TLS config for the temporal server connection.
I have already made this change for our own use, so I can have a PR ready right away.
Describe alternatives you've considered
I have explored other ways to provide the CA certificate, but go-oidc does not seem to have a built-in way to do this.
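For illustration, a sketch of the kind of HTTP client the request calls for, one that trusts an internal CA while keeping certificate verification on. This is an added example, not code from the issue author or from ui-server; `NewHTTPClientWithCA` and `FetchStatus` are hypothetical names, and a local `httptest` TLS server stands in for the SSO provider.

```go
package main

import (
	"crypto/tls"
	"crypto/x509"
	"encoding/pem"
	"errors"
	"fmt"
	"net/http"
	"net/http/httptest"
)

// NewHTTPClientWithCA (hypothetical helper) returns a client that trusts the
// system roots plus the CA certificates in caPEM. Verification stays on;
// InsecureSkipVerify is never set.
func NewHTTPClientWithCA(caPEM []byte) (*http.Client, error) {
	pool, err := x509.SystemCertPool()
	if err != nil || pool == nil {
		pool = x509.NewCertPool() // no system store available: trust only caPEM
	}
	if !pool.AppendCertsFromPEM(caPEM) {
		return nil, errors.New("no valid CA certificate found in PEM input")
	}
	tr := &http.Transport{TLSClientConfig: &tls.Config{RootCAs: pool, MinVersion: tls.VersionTLS12}}
	return &http.Client{Transport: tr}, nil
}

// FetchStatus performs a GET and returns the HTTP status code.
func FetchStatus(c *http.Client, url string) (int, error) {
	resp, err := c.Get(url)
	if err != nil {
		return 0, err
	}
	defer resp.Body.Close()
	return resp.StatusCode, nil
}

func main() {
	// Constructed stand-in for the SSO provider: a local TLS server whose
	// certificate is not in the system trust store.
	srv := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {}))
	defer srv.Close()
	caPEM := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: srv.Certificate().Raw})
	_, err := FetchStatus(&http.Client{}, srv.URL)
	fmt.Println("default client:", err) // fails: certificate signed by unknown authority
	c, _ := NewHTTPClientWithCA(caPEM)
	code, err := FetchStatus(c, srv.URL)
	fmt.Println("custom CA client:", code, err)
}
```

A client built this way can be handed to go-oidc through the request context with `oidc.ClientContext(ctx, client)`; reading the CA file path from configuration is the part the feature request covers.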