K
Q

How to auto-decode JWT via Istio for backend service?

5/10/2019

I am using k8s and istio to manage my mesh network.

I have already used istio to validate JWT but I want more option about decoding the JWT(only payload) inside my backend service.

I think it's a good solution to add more headers into the request.
Every services doesn't have to validate JWT, doesn't need to decode the payload but just has to use headers.

Any ideas how this works ?

-- MrNonz
decode
istio
jwt
kubernetes

Similar Questions

Deploy Docker container to Kubernetes using yaml file
kubernetes service - can the same port value (ie 10002) be used on 3 different variable values (port, targetport, nodeport)?
Use HTTP traffic for internal communication in WSO2 API Management across all components
Error in Transport for helm install package
error: one of src or dest must be a remote file specification
Access pod application by pod IP outside Cluster

1 Answer

11/22/2019

Envoy Lua filter can do this for you: https://github.com/BarDweller/istio-content-based-routing/blob/master/istio-envoy-filter-jwt-lua.yaml

Detailed discussion is in https://github.com/istio/istio/issues/8444, but they had another more complicated use case.

-- det
Source: StackOverflow