> ## Documentation Index > Fetch the complete documentation index at: https://docs.keephq.dev/llms.txt > Use this file to discover all available pages before exploring further. # OAuth2Proxy Authentication Keep Cloud: ✅
Keep Enterprise On-Premises: ✅
Keep Open Source: (experimental) Delegate authentication to Oauth2Proxy. ### When to Use * **oauth2-proxy user:** Use this authentication method if you want to delegate authentication to an external Oauth2Proxy service. ### Setup Instructions To start Keep with Oauth2Proxy authentication, set the following environment variables: #### Frontend Environment Variables | Environment Variable | Description | Required | Default Value | | --------------------------------- | --------------------------------------------------- | :------: | :----------------: | | AUTH\_TYPE | Set to 'OAUTH2PROXY' for OAUTH2PROXY authentication | Yes | - | | KEEP\_OAUTH2\_PROXY\_USER\_HEADER | Header for the authenticated user's email | Yes | x-forwarded-email | | KEEP\_OAUTH2\_PROXY\_ROLE\_HEADER | Header for the authenticated user's role | Yes | x-forwarded-groups | #### Backend Environment Variables | Environment Variable | Description | Required | Default Value | | --------------------------------------- | ---------------------------------------------------- | :------: | :----------------: | | AUTH\_TYPE | Set to 'OAUTH2PROXY' for OAUTH2PROXY authentication | Yes | - | | KEEP\_OAUTH2\_PROXY\_USER\_HEADER | Header for the authenticated user's email | Yes | x-forwarded-email | | KEEP\_OAUTH2\_PROXY\_ROLE\_HEADER | Header for the authenticated user's role | Yes | x-forwarded-groups | | KEEP\_OAUTH2\_PROXY\_AUTO\_CREATE\_USER | Automatically create user if not exists | No | true | | KEEP\_OAUTH2\_PROXY\_ADMIN\_ROLES | Role names for admin users | No | admin | | KEEP\_OAUTH2\_PROXY\_NOC\_ROLES | Role names for NOC (Network Operations Center) users | No | noc | | KEEP\_OAUTH2\_PROXY\_WEBHOOK\_ROLES | Role names for webhook users | No | webhook |