Securing multiple web resources under OIDC authentication in Kubernetes cluster

how can I put various web resources (k8s dashboard, prometheus main page, grafana homepage, etc) under OIDC authentication?

openunison or oauth2proxy/kube-oidc-proxy

https://www.tremolosecurity.com/post/kubernetes-authentication-comparing-solutions

walks you through how to do it with the dashboard with openunison, keycloak, pinnipend, and dex

ah ok, now I understand what kube-oidc-proxy did on my previous cluster!

(kube-oidc-proxy works with dashboards that support impersonation)

it seems a not so simple matter… thank you very much