# Running the LeZa Proxy

## What is the LeZa proxy?

[*LeZa Proxy*](https://hub.docker.com/r/simplusinnov/leza-proxy) is open-source software that can be installed on any infrastructure, it is currently available as a [Docker](https://docs.docker.com/get-docker/) image. The proxy plays the role of a security gateway to your applications and services and is easily configured through **LeZa Platform.**

***See the steps below to get your LeZa gateway up and running.***

## How to set up the architecture of my app?

The LeZa proxy is the gateway to your application and should be the only public access point (unless you know what you are doing). This means that the proxy should be inside the private network containing your application. Although there is a way to configure your application and the LeZa gateway on different networks this requires a bit more work. We highly recommend for the purposes of efficiency and security you keep all instances inside the same private network.

## Configuring your LeZa Proxy

To install the proxy you will need the **Client ID** and **Client Secret** of your application, if you don't know where to get those please refer to the [create an application section](https://docs.leza.glasc.io/getting_started/create-a-first-application).

You will also need to have docker installed.

If needed, you can go to [Docker Documentation](https://www.google.com/url?q=https%3A%2F%2Fdocs.docker.com%2F\&sa=D\&sntz=1\&usg=AFQjCNGKVGdPCjyAfuSrWCeHFaClP9227w) in order to see how to install and run the docker container.

Next, pull the LeZa Proxy docker image with this command

```
docker pull simplusinnov/leza-proxy
```

Then, run the proxy with the below command

```
docker run -e OAUTH2_CLIENT_ID=[YOUR_LEZA_CLIENT_ID] -e OAUTH2_CLIENT_SECRET=[YOUR_LEZA_CLIENT_SECRET] --net=host -it -d simplusinnov/leza-proxy
```

{% hint style="warning" %}
Input the client\_*ID and client\_secret provided by LeZa when* [*registering your application*](https://docs.leza.glasc.io/create-a-first-application#registering-your-application) *where you see* **\[YOUR\_*****LEZA\_*****CLIENT\_ID], \[YOUR\_*****LEZA\_*****CLIENT\_SECRET]** in the command.
{% endhint %}

{% hint style="warning" %}
Note: If you use docker desktop, then **--net=host** will not work for you :cry:&#x20;
{% endhint %}

If you are using a Mac then use the following command:

```
docker run -p 8001:80/tcp -e OAUTH2_CLIENT_ID=[YOUR_LEZA_CLIENT_ID] -e OAUTH2_CLIENT_SECRET=[YOUR_LEZA_CLIENT_SECRET] -it -d simplusinnov/leza-proxy
```

*Your proxy should now be running and if you configured your application on LeZa you will be redirected to a login page when trying to access your content!* :shield::raised\_hands:&#x20;