OIDC proxy auth

[lets-call-n-walk]

Summary

Adds optional OIDC proxy-based authentication to kagent, enabling integration with enterprise identity providers (Cognito, Okta, Dex, etc.) via an oauth2-proxy subchart.

When controller.auth.mode is set to "proxy", the controller trusts JWT tokens from the Authorization header injected by oauth2-proxy, extracting user identity from configurable JWT claims. When set to "unsecure" (the default), behavior is unchanged — no auth is required.

Note: This does not implement Access Control. It is purely the authentication mechanism. Access control is being discussed in this issue: #1270

What's included

Backend (Go)

• ProxyAuthenticator that extracts user identity (email, name, groups) from JWT claims with configurable claim mapping
• AUTH_MODE env var to switch between unsecure and proxy authentication at startup
• /api/me endpoint returning the current user's identity from the auth context
• Nil-safety fix for database manager shutdown

Frontend (Next.js)

• AuthContext provider that decodes the JWT from the Authorization header and exposes user state
• /login page with branded SSO redirect
• UserMenu component showing current user info with sign-out
• Auth header forwarding in all server actions and the A2A proxy route
• jose dependency for client-side JWT decoding

Helm

• oauth2-proxy subchart dependency (disabled by default)
• controller.auth values for auth mode and JWT claim mapping
• ui.auth.ssoRedirectPath for configurable SSO redirect
• NetworkPolicy templates that lock down UI/controller access when auth is enabled
• Custom oauth2-proxy templates for branded login redirect
• NOTES.txt additions documenting auth configuration

How it works

Browser → oauth2-proxy → (OIDC flow with IdP) → Next.js UI → Go Controller
                ↓                                     ↓              ↓
         Session cookie                    AuthContext decodes   ProxyAuthenticator
         + JWT injection                   JWT for user state    extracts claims

NetworkPolicies ensure UI and controller only accept traffic from oauth2-proxy when auth mode is proxy.

Enabling

controller:
  auth:
    mode: proxy

oauth2-proxy:
  enabled: true
  extraEnv:
    - name: OIDC_ISSUER_URL
      value: "https://your-idp.example.com"
    - name: OIDC_REDIRECT_URL
      value: "https://kagent.example.com/oauth2/callback"

See docs/OIDC_PROXY_AUTH_ARCHITECTURE.md for full architecture details.

[Copilot]

Pull request overview

Adds an optional “OIDC proxy auth” mode to kagent, intended to run behind oauth2-proxy and derive user identity from a JWT in the Authorization header, while keeping the existing unauthenticated (“unsecure”) behavior as the default.

Changes:

• Backend: introduce ProxyAuthenticator, extend Principal with identity fields, and add /api/me for current-user introspection.
• Frontend: add auth header forwarding utilities, an AuthContext + UserMenu, and a branded /login page.
• Helm: add optional oauth2-proxy subchart + templates, auth-related values/env wiring, and NetworkPolicies to restrict direct UI/controller access when auth is enabled.

Reviewed changes

Copilot reviewed 36 out of 38 changed files in this pull request and generated 12 comments.

Show a summary per file

File	Description
ui/src/types/index.ts	Adjust UI request typing for session creation (removes user_id from request shape).
ui/src/lib/jwt.ts	JWT decode + claim extraction utilities for UI/server actions.
ui/src/lib/auth.ts	Centralized Authorization header extraction for server actions/route handlers.
ui/src/contexts/AuthContext.tsx	Client-side provider for “current user” state via a server action.
ui/src/components/chat/ChatInterface.tsx	Stops injecting user_id when creating sessions.
ui/src/components/UserMenu.tsx	Adds user dropdown with groups display + sign out.
ui/src/components/Header.tsx	Wires UserMenu into desktop/mobile header layouts.
ui/src/app/tools/page.tsx	Fixes import path to use app actions alias.
ui/src/app/servers/page.tsx	Fixes import path to use app actions alias.
ui/src/app/login/page.tsx	Adds branded login page with SSO redirect link.
ui/src/app/layout.tsx	Wraps app in AuthProvider and adjusts root layout hydration settings.
ui/src/app/actions/utils.ts	Stops appending user_id to backend requests; forwards Authorization instead.
ui/src/app/actions/feedback.ts	Removes user_id injection from feedback submission.
ui/src/app/actions/auth.ts	Adds server action to derive current user from incoming Authorization JWT.
ui/src/app/a2a/[namespace]/[agentName]/route.ts	Forwards auth header through the A2A proxy route.
ui/package.json	Adds jose dependency for JWT decoding.
helm/kagent/values.yaml	Adds controller/ui auth values, oauth2-proxy values, and networkPolicy values.
helm/kagent/templates/ui-deployment.yaml	Injects SSO_REDIRECT_PATH env var into UI deployment.
helm/kagent/templates/oauth2-proxy-templates.yaml	Adds custom oauth2-proxy template ConfigMap to redirect to /login.
helm/kagent/templates/networkpolicy.yaml	Adds NetworkPolicies to restrict ingress paths when proxy auth is enabled.
helm/kagent/templates/controller-deployment.yaml	Injects AUTH_MODE and JWT-claim env vars into controller when in proxy mode.
helm/kagent/templates/_helpers.tpl	Adds helper to conditionally enable NetworkPolicies when auth is enforced.
helm/kagent/templates/NOTES.txt	Documents NetworkPolicy behavior when enabled.
helm/kagent/Chart-template.yaml	Adds oauth2-proxy as an optional chart dependency.
go/test/e2e/auth_api_test.go	Adds E2E coverage for /api/me across auth modes.
go/pkg/auth/auth_test.go	Adds basic test for new Principal user/group fields.
go/pkg/auth/auth.go	Extends auth model with Email, Name, and Groups.
go/internal/httpserver/server.go	Adds /api/me route and nil-safety for DB manager shutdown.
go/internal/httpserver/handlers/handlers.go	Registers CurrentUserHandler.
go/internal/httpserver/handlers/current_user_test.go	Unit tests for /api/me handler behavior.
go/internal/httpserver/handlers/current_user.go	Implements /api/me handler using auth session principal.
go/internal/httpserver/auth/proxy_authn_test.go	Unit tests for JWT claim extraction + fallback behaviors.
go/internal/httpserver/auth/proxy_authn.go	Implements proxy-mode authenticator (JWT parsing + fallback).
go/cmd/controller/main.go	Selects authenticator based on AUTH_MODE at startup.
go/cmd/controller/auth_mode_test.go	Tests authenticator selection logic.
docs/OIDC_PROXY_AUTH_ARCHITECTURE.md	Adds architecture documentation for the proxy auth approach.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[peterj]

there's a logo here -

kagent/ui/src/components/kagent-logo.tsx

Line 4 in 706a170

const blinkStyles = `

-- can that be re-used instead of creating a new one?

[peterj]

the project is using tailwind, can you convert this to tailwind classes instead?

[peterj]

since we have "Bringing Agentic AI to cloud native" on the website -- perhaps we do the same here?

[peterj]

can we introduce a type for the { user, email, name, groups }?

[peterj]

if the jpg version of the file is not used, we should remove it from the /public folder

[EItanya]

These changes are looking great! The 2 themes I wanna focus on first are the inclusion of NetworkPolicy and the way the claims are being parsed. Looking forward to more discussion and iteration!

[lets-call-n-walk]

@EItanya @peterj let me know if this addresses your feedback, thanks!

[EItanya]

Overall the changes here make a lot of sense to me. Unfortunately the PR seems quite out of date so I'm having trouble gleaning what exactly is new and what isn't. Any chance you can update so I can look again?

[EItanya]

We should probably create a follow-up for this to make sure it's more secure

[EItanya]

Can we call this mode trusted-proxy instead of just proxy because it's explicitly not re-validating

[lets-call-n-walk]

@EItanya renamed proxy to trusted proxy. Most of the other comments were on code that wasn't mine, but the diff had gotten messed up from being behind - I merged and the diff is correct now.

[jsonmp-k8]

Removing user_id from this payload looks like a regression unless the backend now injects it from the auth session. HandleCreateFeedback still persists the request body verbatim, so database.Feedback.UserID is stored as empty here and ListFeedback(userID) will never return these rows.

[jsonmp-k8]

Hard-coding http://kagent-ui:8080 only works for the default release name. The chart templates the actual service name as {{ include "kagent.fullname" . }}-ui, so fullnameOverride or a non-default release name will break oauth2-proxy unless the user manually overrides UPSTREAM_URL.

[jsonmp-k8]

This changes the default streaming timeout from 10 minutes to 1 minute. A2ARegistrar wires this value straight into a2aclient.WithTimeout, so long-running streams and tool calls will now terminate after 60s unless the operator overrides the flag. Was that intentional for this auth PR?

[jsonmp-k8]

This drops X-User-Id on controller-to-agent A2A calls. The downstream A2A runtimes still derive the caller from that header, so in trusted-proxy mode the real user becomes A2A_USER_<context_id> after the first hop. We likely need to forward the resolved user id here in addition to the bearer token.

[jholt96]

I did have an alternative approach here just looking at headers. You can set an env var on kagent like TRUSTED_USER_HEADERS and specify the headers to look at. AWS ALB and oauth2 proxy will give you a header with a User ID in it that you can use. kagent can be configured to use given header(s) as the user ID if detected. I think it's simpler (doesn't require JWT parsing) and also supports more reverse proxies (ones that don't use JWT)

The reason why JWTs are desired is so that the organization can give more data than just USER_ID, such as groups. Then that JWT can be passed to an RBAC service (which is also being worked on), and used to verify permissions for said user. (which would then start to address the first concern of allowing users to share sessions.).

In addition to the reason above, passing JWT directly also allows for supporting user identity propagation to downstream services. Some enterprise Cyber practices don't like OBO and prefer propagation. I think it's great to be able to support both with kagent directly being able to propagate identity, and then having agent gateway integration for OBO and more fine-grained control.

[github-actions]

This pull request has been marked as stale because of no activity in the last 15 days. It will be closed in the next 5 days unless it is tagged "no stalebot" or other activity occurs.

[christensenjairus]

This pull request has been marked as stale because of no activity in the last 15 days. It will be closed in the next 5 days unless it is tagged "no stalebot" or other activity occurs.

Not stale! Would love to see this completed

[jholt96]

This is a must have for the project! Please let me know what is needed to get this merged. Happy to assist @lets-call-n-walk @EItanya

[lets-call-n-walk]

@EItanya @jsonmp-k8 updated per review and fixed merge conflicts

[EItanya]

Hey there, sorry for the delay, I updated the PR so it should now pass in CI. I will do a final review tomorrow