Peter Yurkovich
Peter Yurkovich
Unfortunately kubernetes tokens are not standardized to be jwt tokens. The only real requirement for them is to be able to be sent in a header ([link](https://kubernetes.io/docs/reference/access-authn-authz/authentication/#putting-a-bearer-token-in-a-request)), and then the...
Apologies for the delay in response. I've added the percli support for the external auth providers in the most recent commit. If we do decide on a different direction for...
Branch update PR can be found here: #3392
A call to go over this sounds good to me. I'm free all day on the 10th if anytime then would work for yall
I'm still working on adding e2e tests, but outside of that or comments on the PR there aren't any other planned changes to the structure of the code so review...
I agree that the verbiage of the authn/authz is confusing. Some other options could be: ```yaml Authentication: internal: # Store user info in perses backend - native - oidc -...
> Maybe again because I don't have the full picture, but I don't understand why we can't support external authn and other authns at the same time. The primary issue...
> Exactly. What I did in the other project was to apply authz dynamically according to the token shape. If it was an oidc external token, I was using associated...
After the other PR is merged, I will un-hold this one