Currently in Kubernetes you can make use of the webhook authorization to build a custom authorization endpoint using certificates. In reading the doucmentation it looks like if I wanted to use a bearer token there is no way to use the webhook, I have to use point Kube to a csv file with the --token-auth-file argument.

The downside with that is that requires a restart of the api server to pick up the changes. Is there a dynamic way to use bearer tokens instead?