Updates authentication rules to all services. Once applied, the services will need authentication to be used.
There are two authenticators set up:
bearer_token: Deals with programmatic access. Expects a bearer token and validates it against a ORY secrets
cookie_session: Deals with browser-based access. Expects a session cookie with a token and validates it in the same way as above.
In both cases, after getting the token, the gateway validates the user and re-encodes the user information into a JWT token (this is configured by the id_token mutator).
There can be more than one authenticator, but they are tried in a top-down approach. If the first fails, the second one is tried. If both fail, it returns a 401.
TODO: Add Authorization to differentiate regular users from Admins
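
For reference, an access rule of the shape described above, written in the ORY Oathkeeper rule format. This is an added example, not the configuration from this change: the rule id, upstream URL and match pattern are hypothetical placeholders, and only the handler names come from the description.

```yaml
# Constructed example rule. The id, upstream.url and match.url values are
# placeholders, not values taken from this change.
- id: example-service-authenticated
  upstream:
    # Service that receives the request once the gateway has accepted it.
    url: http://example-service.internal:8080
  match:
    # <.*> is a pattern segment in Oathkeeper's default regexp matching.
    url: https://gateway.example.com/example-service/<.*>
    methods:
      - GET
      - POST
      - PUT
      - DELETE
  # Listed in the order they are tried: programmatic access first,
  # then browser sessions.
  authenticators:
    - handler: bearer_token
    - handler: cookie_session
  # No authorization step yet (see the TODO above): any authenticated
  # subject is allowed, regular user or admin.
  authorizer:
    handler: allow
  # Re-encodes the authenticated subject into a signed JWT that the
  # upstream service receives instead of the original credential.
  mutators:
    - handler: id_token
```

Per-handler settings such as the session check URL, the JWKS used to sign the ID token and its issuer live in the gateway's global configuration or in a `config` block under each handler, and are left out here.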