Nginx: verify OIDC token before rewrite
A while ago I managed to get Nginx and OpenID Connect working together. Obviously, there is a commercial plugin provided by Nginx authors, but for simpler cases we can use a a simpler way with auth_request which works nicely with OIDC token introspection served by for example Keycloak.