-
Either way, you will need to validate the signature of the JWT. You can do this with the public key and a library such as https://github.com/golang-jwt/jwt.
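The signature check described in the comment above, as an added example that is not part of the original post and is not golang-jwt's API: it verifies an RS256 token using only the Go standard library, so the steps a library performs are visible. `VerifyRS256` and `signDemo` are hypothetical names, and the key and token are constructed sample data.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
)

var b64 = base64.RawURLEncoding // JWT segments are unpadded base64url

// VerifyRS256 returns the payload JSON of a compact JWT only if its signature
// verifies under pub. The verifier pins the algorithm; the token does not pick it.
func VerifyRS256(token string, pub *rsa.PublicKey) ([]byte, error) {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return nil, errors.New("malformed token")
	}
	var hdr struct{ Alg string `json:"alg"` }
	raw, err := b64.DecodeString(parts[0])
	if err != nil || json.Unmarshal(raw, &hdr) != nil || hdr.Alg != "RS256" {
		return nil, errors.New("bad header or unexpected alg")
	}
	sum := sha256.Sum256([]byte(parts[0] + "." + parts[1]))
	sig, err := b64.DecodeString(parts[2])
	if err != nil || rsa.VerifyPKCS1v15(pub, crypto.SHA256, sum[:], sig) != nil {
		return nil, errors.New("signature mismatch")
	}
	return b64.DecodeString(parts[1]) // payload is trusted only past this point
}

// signDemo builds a constructed token under a fresh throwaway key (sample data only).
func signDemo(alg, claims string) (string, *rsa.PublicKey) {
	k, _ := rsa.GenerateKey(rand.Reader, 2048)
	msg := b64.EncodeToString([]byte(`{"alg":"`+alg+`"}`)) + "." + b64.EncodeToString([]byte(claims))
	sum := sha256.Sum256([]byte(msg))
	sig, _ := rsa.SignPKCS1v15(rand.Reader, k, crypto.SHA256, sum[:])
	return msg + "." + b64.EncodeToString(sig), &k.PublicKey
}

func main() {
	payload, err := VerifyRS256(signDemo("RS256", `{"sub":"svc-a"}`))
	fmt.Println(string(payload), err)
}
```

A valid signature only proves who issued the token; expiry and audience claims in the returned payload still need to be checked before the request is authorized.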
-
OPA is a full-fledged solution as an external auth provider to reverse proxies like Nginx, Envoy or Traefik, etc. It can be a bit complex and overkill for smaller systems. I have a solution called bouncer as a much simpler and opinionated replacement to OPA. Have a look at it, at least it can give you ideas.
-
credentials-operator
Automatically register and generate AWS, GCP & Azure IAM roles, X.509 certificates and username/password pairs for Kubernetes pods using cert-manager, CNCF SPIRE or Otterize Cloud
You could create JWT or mTLS-based identities, and then verify those in your middleware. If you are on Kubernetes, you might try using SPIRE together with the SPIRE integration operator to automatically issue identities as Kubernetes secrets, which you could then use to connect between services.