K
Q

Is there an easy way for a kubernetes service to have oauth 2.0 implemented for server side?

6/14/2019

I have a REST API service in kubernetes. Is there any easy plugin or config for implementing OAuth 2.0 for this service?

Can we also leverage Istio or NGINX-ingress controller for this task?

I found somethings online regarding this, but none of the resources seem to clearly explain the OAuth2.0 serverside implementation.

-- enator
istio
kubernetes
nginx-ingress

Similar Questions

Istio Gateway + Cert-Manager + letsencrypt certificate
User does not have permission to access project : Request had insufficient authentication scopes
Kafka Stream memory management (Ktable, RocksDb)
error: unable to upgrade connection: container not found ("wordpress")
Terraform recreate Kubernetes deployment when docker images tag updates

1 Answer

6/17/2019

Yes, definitely it's one of the Istio's built-in security features, the end-user authentication with JSON Web Token (JWT). Citing official documentation:

Origin authentication, also known as end-user authentication: verifies the original client making the request as an end-user or device. Istio enables request-level authentication with JSON Web Token (JWT) validation and a streamlined developer experience for open source OpenID Connect provider ORY Hydra, Keycloak, Auth0, Firebase Auth, Google Auth, and custom auth.

Please jump to this task driven example of End-user authentication with Istio, to have a better understanding how it works in practice.

-- Nepomucen
Source: StackOverflow