Custom headers for bypassing 2 factor auth

[FredHaa]

I run qBittorrent behind Authelia, and I have not found a way to use transdroid to connect to the server.

One way would be by sending a custom header with the requests a la LunaSea which would make it possible for my reverse proxy to detect this and then bypass Authelia.

Is a feature like that feasible to implement?

[erickok]

Indeed there is no way currently to set custom headers. I am not at all familiar with Authelia, but perhaps you could set up some app-specific basic auth? It's a but much to add (yet another) connection feature for such a usage-specific case.

[FredHaa]

I see that it wasn't really clear in the original issue, but this wouldn't be specific to Authelia, but rather Traefik or any reverse proxy which supports routing logic via custom headers, but I get it if it is too big a hassle.

I would use the custom headers to basically tell Traefik (or any other reverse proxy) to ignore the Authelia middleware.

[ruifung]

Or if you're using authentik, you can also send additional credentials via HTTP Basic auth (But you have to always send it since authentik won't sent a HTTP Basic challenge.)

[queimadus]

Can comment I would use this feature to access my transmission instance behind a Cloudflare tunnel which uses oauth authentication by default. Adding a complete oauth flow would be overkill though. Allowing to send an extra header in the requests (with a generated authentication token) would work great.