-
Tinkerbell doesn't have strong AuthN/AuthZ support. This has been raised in https://github.com/tinkerbell/tink/issues/507 with some ideas on how we could address.
-
Hello,
all other SDKs mention the ".check()" function, which is used to check authZ for the request.
How can i do that with this SDK?
Thanks!
-
*Description*:
I'm assessing whether we can move away from our current Ingress/Auth Ambassador Edge-Stack in favor of Envoy Gateway or others. We heavily rely on JWT & OIDC filtering at the moment an…
-
As far as I can see there is not any auth or authz in tarmac.
i generally use NATS for rerouting events into tarmac . Nats just wants a jwt to control Auth and Authz.
But even without NATS , Tarn…
-
**Describe the bug**
RPCCapabilities class doesn't display properly for mergeable cases. (side-effect: the equal action is wrong.)
**To Reproduce**
// Affected commit: V10
i.e., https://github.c…
-
**Issue/Bug Template**
*Title*: I can't make ext_authz work
*Description*:
>ext_authz config seems to ignore uri parameter. Request goes straight to the auth_cluster cluster right onto the clus…
-
*Title*: *Retry failed ext_authz requests*
*Description*:
>Is there a way to retry `ext_authz` requests after a network failure not an authorization service failure?
-
**`/api/v1/verify`**
1. Responds with 200 OK if action does not need an authorization.
**Actions to skip:**
* health endpoint
* ambassador endpoints
* accounts sign_in/sign_up/sign_out
2. Ch…
-
https://www.rfc-editor.org/rfc/rfc9101.html defines a `typ` value to be used in the header of request objects, `oauth-authz-req+jwt`, but doesn't go as far as requiring it to be used, offering various…
-
Expected behavior:
If a resource session fails due to lack of a trusted device a audit log entry would occur.
Current behavior:
For an application a user will get a message that a trusted device is…