Adding jwt token auth in addition to basic auth would be a great benefit for in-cluster service authentication.
The kubernetes service account tokens are OIDC compliant and short-living which increases the security compared to static auth basic credentials. the common library could use a JWKS (JSON Web Key Set) to validate the signature of tokens.
Since the common web package is used in a lot of exporters, node_exporter could be secured by jwt auth. Prometheus already support bearer token auth at scrape jobs.
Adding jwt token auth in addition to basic auth would be a great benefit for in-cluster service authentication.
The kubernetes service account tokens are OIDC compliant and short-living which increases the security compared to static auth basic credentials. the common library could use a JWKS (JSON Web Key Set) to validate the signature of tokens.
Since the common web package is used in a lot of exporters, node_exporter could be secured by jwt auth. Prometheus already support bearer token auth at scrape jobs.