Can I bypass certain urls to ignore authentication?

[TonyCollett]

Can't find documentation on this little feature, checking if it's supported before I make the switch.

Currently I'm on Authelia + Nginx Proxy Manager and it's working well, but I'm looking to swap to TinyAuth + PocketID + Traefik

One thing I can do in Authelia is bypass authentication for certain URLs

For example: I have Glance set up with a homepage that doesn't require authentication (https://glance.mydomain.com/home), but then I have a Glance tab that has my server configuration and URLs which I have locked behind Authelias 2FA (https://glance.mydomain.com/server)

Same thing for some server app APIs. I have configurations in Authelia to bypass the "*.mydomain.com/api" url so that I can access those without causing issues between app endpoint calls.

I would like to make sure I can do that after switching to the TinyAuth stack. Thanks!

[steveiliop56]

Hello!

Yes this is possible with tinyauth. You can use the tinyauth.allowed label and then a simple regex to allow the paths you want. For example to only allow the /home path you would do tinyauth.allowed: /home and that's it! Tinyauth will just allow the path.

[TonyCollett]

That's great, thanks! Is there a page in the documentation anywhere about this that I may have missed?

[steveiliop56]

Unfortunately no, I probably forgot to include it. I will rework the documentation and add a new Labels section to show all supported labels.

[bfpimentel]

@steveiliop56 Hi.

First of all, I appreciate your effort in creating such a good application. I've switched from Authentik and I'm really liking Tinyauth so far.

I'm answering to this thread because I'm having some issues on understanding how the labels structure should be. I've tried with tinyauth.basic.username and tinyauth.basic.password and didn't have success. If these are the actual labels, I believe it could be something wrong in the implementation, since I'm not getting this info logged as well (as they should, if I understood the PR correctly).

I'm on nightly, btw.

So, in advance, could you please provide this information while the Wiki isn't updated?

@TonyCollett if you figured it out, your help would be appreciated too. OP, I apologize for the mention. I actually answered the wrong thread. At least it's also label related.

-- edit

I've also tried with the tinyauth.basic label with username=<username>,password=<password> and Username=<username>,Password=<password> and no success as well.

[steveiliop56]

Hello!

The labels for basic auth are tinyauth.basic.user and tinyauth.basic.password although it would make sense to use tinyauth.basic.username. Can you try with the tinyauth.basic.user one and check if it works? I will probably rename it to username in the final release.