Lauri Võsandi

Third option is to have mailserver cache the images with corresponding `User-Agent` string and serve images from the cache. The canonical way to solve this is to have them placed...

Looks the `/send` route succeeds with 200, but form is not submitted and no errors are shown in the user interface

On mobile you can just use native mail client and enroll it with ASPS (application specific passwords) In any case feel free to improve the UX by submitting a PR

Feel free to provide PR :)

Feel free to submit PR or just keep the `[sso]` section in the config file intact

Also whenever user account was impersonated, the user should be notified about it also mentioning who was the impersonator

I think this should not be connected to any Kubernetes level ownership, this is more like informal bit that could be shown in the UI.

This will look something like https://gefyra.dev/docs/usecases/oauth2-demo/#the-oauth2-demo-sidecar-workload Pros: * Middleware CRD could be removed altogether * Unified interface for adding OIDC apps * Applications need to be switched to listening to...

This might go hand in hand with creating explicit association between OIDCGWClient and Ingress. In such case OIDCGWClient could just have `ingressRef` attribute and read the hostname from the Ingress...

Somewhat related https://www.pomerium.com/docs/deploy/k8s/ingress