I’m investigating a variety of options to gate internal web apps at our company, with Twingate being one of them.
One question I have is whether there’s a way for the downstream app to know who the user is. We can have another login window that integrates with the SSO system, but it would certainly be nice to use what we already have, given that we’ve done both authn and authz at the network layer with Twingate. This would be useful for things like recording what user took an action, without having to try to associate specific actions with Twingate audit logs.
Someone I was talking to created a little program to do this for Cloudflare Access, as it provides some information that makes it possible but doesn’t provide it directly by default: GitHub - j0sh3rs/cfaccess-proxy: Tiny reverse proxy that validates access against Cloudflare Access and sets headers for downstream -- Forked from https://github.com/jorgelbg/cloudflare-access-grafana
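The pattern the linked proxy describes (validate the access token, then set a header for the downstream app) can be sketched as follows; this is an added example, not code from the post or from either linked project. Cloudflare Access forwards a signed RS256 JWT in the `Cf-Access-Jwt-Assertion` request header; the downstream header name `X-Authenticated-User` is hypothetical, and the signing key is assumed to have been fetched and selected by the caller (key lookup by `kid` and the issuer check are left out).

```go
package main
import (
	"crypto"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"net/http"
	"strings"
	"time"
)

const userHeader = "X-Authenticated-User" // hypothetical header the downstream app reads
type claims struct {
	Email string
	Aud   []string // assumed to be a JSON array of audience tags
	Exp   int64
}
// verifiedEmail returns the email claim only if the signature, expiry and audience all check out.
func verifiedEmail(tok string, key *rsa.PublicKey, aud string, now time.Time) (string, bool) {
	p := strings.Split(tok, ".")
	if len(p) != 3 {
		return "", false
	}
	body, _ := base64.RawURLEncoding.DecodeString(p[1]) // a failed decode is rejected below
	sig, _ := base64.RawURLEncoding.DecodeString(p[2])
	sum := sha256.Sum256([]byte(p[0] + "." + p[1]))
	var c claims
	if rsa.VerifyPKCS1v15(key, crypto.SHA256, sum[:], sig) != nil || json.Unmarshal(body, &c) != nil {
		return "", false // always checked as RS256 with the pinned key; the token's alg header is ignored
	}
	for _, a := range c.Aud {
		if a == aud && now.Unix() < c.Exp && c.Email != "" {
			return c.Email, true
		}
	}
	return "", false
}

// setIdentity deletes any client-supplied userHeader, then sets it only from a verified token.
func setIdentity(h http.Header, key *rsa.PublicKey, aud string, now time.Time) bool {
	h.Del(userHeader)
	email, ok := verifiedEmail(h.Get("Cf-Access-Jwt-Assertion"), key, aud, now)
	if ok {
		h.Set(userHeader, email)
	}
	return ok
}
func main() {} // wiring into a reverse proxy (key fetch, upstream URL) is deployment-specific
```

The downstream app can only trust the header if it is reachable solely through the proxy that sets it; a request that arrives by any other path can supply the header itself.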