Add OIDC Client Credentials Grant as authenthification method

This issue has been tracked since 2022-10-30.

⚠️ Please verify that this feature request has NOT been suggested before.

  • I checked and didn't find similar feature request

🏷️ Feature Request Type

Other

🔖 Feature description

At the moment you can use basic auth and ntlm to authenticate against http endpoints.
To monitor the availability of APIs it would be helpful to have the additional alternative with the OIDC Client Credentials Grant

✔️ Solution

request a jwt token and add it as bearer header to oidc protected http endoints

Most of the providers (I checked KeyCloak, AWS Cognito and Azure AD) implement the client credential flow according to the standard https://www.rfc-editor.org/rfc/rfc6749#section-4.4
Auth0 as another big provider adds an additional field to the request with audience

So my suggestion would be that if you select OIDC Client Credentials Grant as auth method in the UI you receive the following input fields
Mandatory:

  • Token Endpoint
  • Client Id
  • Client Secret

Optional:

  • Scope
  • Audience

Then before the actual http call is triggered a jwt token is requested and added to the http header.
Because the response of the grant flow should also contains an expire time the token can be cached.

Alternatives

I'm aware that the push monitor would be alternative possibility but would be nice to handle the checks with a build in functionality

📝 Additional Context

I would also be willing to provide a PR for the topic

More Details About Repo
Owner Name louislam
Repo Name uptime-kuma
Full Name louislam/uptime-kuma
Language JavaScript
Created Date 2021-07-03
Updated Date 2022-11-30
Star Count 23666
Watcher Count 159
Fork Count 1992
Issue Count 694

YOU MAY BE INTERESTED

Issue Title Created Date Updated Date