Open mpstefan opened 1 year ago
@mpstefan Might want to break these out into two: one for authentication, one for authorization.
This issue is stale because it has been open 90 days with no activity. Remove stale label or comment or this will be closed in 10 days.
This issue was closed because it has been stalled for 10 days with no activity.
As a cluster operator using NGF
I want to block any traffic without a valid JWT on the request
So that I can ensure all of my traffic on my authenticated endpoints is authenticated.
Background
As our first pass at authentication and authorization, we want to provide a first-class mechanism to validate JSON Web Tokens using a local key. This is a high-use feature, especially for larger organizations using NGINX Plus, to be immediately followed by OpenID Connect support for remote key retrieval.
Not included in this epic:
Acceptance Criteria
HTTPRoute with enabled JWT authentication are validated against the configured JWT key file and rejected if the JWT fails validation.