Open sheldon-sminq opened 6 years ago
With Vert.x 3.5 there is a experimental service proxy interceptors feature and the only implemented one is a JWT interceptor:
So you can then protect your service if the given JWT is valid. This was a very late adition to 3.5 and we haven't documented it properly that is why it is considered experimental at the moment.
Ho would you go about preventing the internal apis from getting accessed directly without routing requests through the api gateway?
We would like to enforce all requests to go through the api gateway only.