zitadel/site/docs/oauth2-proxy/02-configure-proxy.md

---
title: OAuth 2.0 Proxy Setup
---

### Authentication Example

```toml
provider = "oidc"
user_id_claim = "sub" #uses the subject as ID instead of the email
provider_display_name = "ZITADEL"
redirect_url = "http://127.0.0.1:4180/oauth2/callback"
oidc_issuer_url = "https://issuer.zitadel.ch"
upstreams = [
    "https://example.corp.com"
]
email_domains = [
    "*"
]
client_id = "{ZITADEL_GENERATED_CLIENT_ID}"
client_secret = "{ZITADEL_GENERATED_CLIENT_SECRET}"
pass_access_token = true
cookie_secret = "{SUPPLY_SOME_SECRET_HERE}"
skip_provider_button = true
cookie_secure = false #localdev only false
http_address = "127.0.0.1:4180" #localdev only
```

> This was tested with version `oauth2-proxy v6.1.1 (built with go1.14.2)`
feat: docs rehaul, fix missing context in console, quickstarts (#1212) * onboarding components, routing, steps * onboarding component, toc * fix onboarding mixin * header * refactor docs * fix layout * cleanup routing * docs routing * fix conventions * de en routing * docs, guide contents, nav * rem i18n support * fix routing from docs * rollup onwarn changes, preload * update svelte plugin, update rollup config * move docs * revert img style, remove code table * rem de completely * rollup optim, template * angular quickstart, quickstart overview page, update deps * fix link * pack, slug * prefetch binding, hidden links * export log * guards route ch * fix homepage * angular docs * docs * resolve fsh * overview * docs * docs * packages fix race condition * nav, home link * add vue, aspnet * doc optimizations * embed status pal * angular guide * angular guide * dotnet, angular guide * viewbox * typo * block onboarding route for non iam writers * set links from component data * fix: fetch org context in guard, more main cnt (#1192) * change get started guide, fix code blockquotes, typos * flutter guide * h2 spacing * highlight strong * plus * rm start sublinks * add proxy quickstart * regex * prevent outside click, fix project grant write Co-authored-by: Florian Forster <florian@caos.ch> Co-authored-by: Livio Amstutz <livio.a@gmail.com> 2021-02-16 16:59:18 +01:00			`---`
			`title: OAuth 2.0 Proxy Setup`
			`---`

			`### Authentication Example`

			```toml
			`provider = "oidc"`
			`user_id_claim = "sub" #uses the subject as ID instead of the email`
			`provider_display_name = "ZITADEL"`
			`redirect_url = "http://127.0.0.1:4180/oauth2/callback"`
			`oidc_issuer_url = "https://issuer.zitadel.ch"`
			`upstreams = [`
			`"https://example.corp.com"`
			`]`
			`email_domains = [`
			`"*"`
			`]`
			`client_id = "{ZITADEL_GENERATED_CLIENT_ID}"`
			`client_secret = "{ZITADEL_GENERATED_CLIENT_SECRET}"`
			`pass_access_token = true`
			`cookie_secret = "{SUPPLY_SOME_SECRET_HERE}"`
			`skip_provider_button = true`
			`cookie_secure = false #localdev only false`
			`http_address = "127.0.0.1:4180" #localdev only`
			```

			> This was tested with version `oauth2-proxy v6.1.1 (built with go1.14.2)`