Our great sponsors
-
Either way, you will need to validate the signature of the JWT. You can do this with the public key and a library such as https://github.com/golang-jwt/jwt.
-
OPA is a full fledged solution as an external auth provider to reverse proxies like Nginx, Envoy or Traefik...etc. It can be a bit complex and overkill for smaller systems. I have a solution called bouncer as a much simpler and opinionated replacement to OPA. Have a look at it, at least it can give you ideas.
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
OPA is a full fledged solution as an external auth provider to reverse proxies like Nginx, Envoy or Traefik...etc. It can be a bit complex and overkill for smaller systems. I have a solution called bouncer as a much simpler and opinionated replacement to OPA. Have a look at it, at least it can give you ideas.
-
credentials-operator
Automatically register and generate AWS, GCP & Azure IAM roles, X.509 certificates and username/password pairs for Kubernetes pods using cert-manager, CNCF SPIRE or Otterize Cloud
You could create JWT or mTLS-based identities, and then verify those in your middleware. If you are on Kubernetes, you might try using SPIRE together with the SPIRE integration operator to automatically issue identities as Kubernetes secrets, which you could then use to connect between services.
