Travis Glenn Hansen

Yes. It’s relatively advanced but you could use this: https://github.com/travisghansen/external-auth-server/blob/master/PLUGINS.md#request_js It’s effectively a BYOP (bring your own plugin) config :)

Have you tried verbose? I prefer not to use info in looping type scenarios. In the bigger picture, it may be a good idea to implement a sort of logging...

Yeah glad the oidc features in jwt is helpful! The new single logout stuff is pretty cool as well. By looping in this context I mean there are n+1 due...

I don't know much about saml, but another plugin is certainly a viable option. I'd have to do some reading on saml to know how good of a fit it...

`saml` would pretty much be a reproduction of the `oauth2`/`oidc` plugins. It can/could be done but isn't a high-priority for me currently given the coverage provided by the other 2....

Very cool, I'll do some research and see where/how it might fit. I'm not familiar with OPA so if you have any insights to share on that and how it...

Does the client specify which policy/rule to apply (already defined on the opa server) when making the request? This seems like a pretty cool idea and fits nicely with some...

Very cool. I'll start digging around at it and see how it might fit into the picture.

Yeah it would simply be specific type of assertion I think. If nothing is defined in the `opa` assertion block then it would never get invoked. I think this is...

Yeah, I would leave the installation to the user for sure, I *think* I would handle this similar the to the header injection stuff that can be applied at the...