
Securing a new project: reCAPTCHA + IAM + API Gateway + identity(?) + Cloud Run

Hi

I am looking for some examples of how to use all that stuff to secure my web and app.

The idea is to present a login to the user, then, if needed, use reCAPTCHA, and with that have a "token"/JWT/whatever to give in a header in the GET/POST request to API Gateway, to after that get to the real resource, Cloud Run in this case.

I believe, and please correct me, that I should not use Firebase Auth because I want to be able to integrate Okta in the near future, and also I don't want to let every human create an account.
There are parts of my system where everyone can create an account and others that are restricted to specific roles, and the account needs to be approved by hand (or the permissions be given by hand).

I already read how to put together API Gateway and Cloud Run; now I need to understand how to ask the user for the credentials and reCAPTCHA.
Thanks


Hi,

Your process/flow isn't quite clear (at least to me). 

Can you describe your use cases from the point of view of someone typing in your URL in a browser? E.g. I type in your URL in a browser; what do you want to happen? Should I get a forbidden error message or a page asking me to log in? If the latter and I log in, what happens after that?

 

   ......NoCommandLine ......
https://nocommandline.com
Analytics & GUI for App Engine,
Cloud Run & Datastore Emulator

Thanks for your answer.

As an end user:
I go to example.com, where I expect to see a login page, then I write my credentials, and because I expect example.com to be very secure I want to see a reCAPTCHA.
Once I solve it, I expect to be redirected to a site that is specific to my company,
like example.com/<companyID>
Also, when I click something in the dashboard, I expect some "magic" process to bring me a result (Cloud Run).

For the system to know which company I belong to, it can get the claims from Identity Platform, and I will also belong to a specific group there.
It is also possible to use somecompany.example.com to log in and know the group in Identity Platform.


So I have
Cloud Armor
reCAPTCHA
API Gateway
Cloud Run
that I need to glue together.
Thanks!!!!
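
An added example, not part of the thread: one way the Cloud Run side of the flow described above could check that the company ID in the URL path matches the signed-in user's claims. It relies on API Gateway forwarding the validated JWT payload, base64url-encoded, in the `X-Apigateway-Api-Userinfo` header. Assumptions: the claim names `company_id` and `roles` are hypothetical custom claims, and the Cloud Run service accepts invocations only from the gateway's service account, since the header is trustworthy only when clients cannot reach the service directly.

```python
import base64
import json

# Header that API Gateway sets after validating the caller's JWT.
USERINFO_HEADER = "X-Apigateway-Api-Userinfo"
COMPANY_CLAIM = "company_id"  # hypothetical custom claim name
ROLES_CLAIM = "roles"         # hypothetical custom claim name


def decode_userinfo(header_value):
    """Decode the base64url JWT payload (sent without padding) into a dict."""
    padded = header_value + "=" * (-len(header_value) % 4)
    claims = json.loads(base64.urlsafe_b64decode(padded))
    if not isinstance(claims, dict):
        raise ValueError("userinfo is not a JSON object")
    return claims


def authorize(headers, path, required_role=None):
    """Return (status, detail) for a request to /<companyID>/..."""
    raw = headers.get(USERINFO_HEADER)
    if not raw:
        return 401, "no verified identity forwarded by the gateway"
    try:
        claims = decode_userinfo(raw)
    except ValueError:  # bad base64, bad UTF-8 and bad JSON all derive from it
        return 401, "malformed userinfo header"
    company = claims.get(COMPANY_CLAIM)
    requested = path.strip("/").split("/")[0]
    # Tenant isolation: the path segment must equal the claim, never the reverse.
    if not isinstance(company, str) or not company or requested != company:
        return 403, "token is not valid for this company"
    roles = claims.get(ROLES_CLAIM, [])
    if required_role and (not isinstance(roles, list) or required_role not in roles):
        return 403, "role not granted"
    return 200, claims.get("sub", "")


def encode_sample(claims):
    """Build a constructed header value the way the gateway would encode it."""
    raw = json.dumps(claims).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


# Constructed sample input, not real data.
SAMPLE = encode_sample({"sub": "user-123", "company_id": "acme", "roles": ["viewer"]})

if __name__ == "__main__":
    print(authorize({USERINFO_HEADER: SAMPLE}, "/acme/dashboard"))
    print(authorize({USERINFO_HEADER: SAMPLE}, "/other/dashboard"))
```

A web framework's header mapping is usually case-insensitive; the plain dict used here is not, so the header name must match exactly.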