seanleblanc edited a comment on issue #6260: URL: https://github.com/apache/apisix/issues/6260#issuecomment-1033059506
> we have JWT plugin, see https://github.com/apache/apisix/blob/master/docs/en/latest/plugins/jwt-auth.md > > Please describe the scenario in detail, I can't get to your needs. I'm trying to get apisix to do do authz on a route. I want it to look at the Authentication header to inspect JWT token and that it has proper scope(s) on it and then either pass on the request - or reject it. Much like what Istio does with RequestAuthentication and AuthorizationPolicy objects. In the first case, I'm trying to get it to do this with KeyCloak, if that helps at all. Though we will likely swap out KeyCloak for other token providers, depending on environment/project we are on. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org