graphgate icon indicating copy to clipboard operation
graphgate copied to clipboard

Published 20 hours ago verified publisher icon async-graphql

JWT Authentication support

Open akhramov opened this issue 4 years ago • 1 comments
trafficstars

JWT Authentication support

Hey there, thanks for the amazing initiative. It's exciting to see Apollo Federation being implemented in Rust!

Just one question: are there any plans to implement JWT Auth, just like it's done in the original Apollo Federation? https://www.apollographql.com/blog/setting-up-authentication-and-authorization-with-apollo-federation/

If it's not supported, are there any plans to support that? What would the API (read: config) look like? :)

akhramov avatar Apr 02 '21 09:04 akhramov

I recommend you use forward headers and have the services validate the JWT instead.

If you really want to make sure no requests are executed without auth, you should put something in front of the gateway such as pomerium, oathkeeper ambassador etc

edude03 avatar Dec 21 '21 14:12 edude03