Erik Larsson

👋 I am taking a stab at protecting the api backend with backstage id tokens - for selfish reasons but hopefully contributable. It works, but I am not so sure...

I ran into an additional complexity, realizing that the catalog api is consumed from the backend as well. As far as I interpret the design, you want apis to be...

After some struggle attempting to fit into existing design with as little refactoring as possible, here is a suggestion: https://github.com/backstage/backstage/pull/3916 + https://github.com/backstage/backstage/pull/3914 WDYT? @GoWind I went with @Rugvip suggestion that...

@kenyee not sure I understood your question fully, but if the question was: can you use Okta/Google login client-side and use the experimental method described in the contrib section to...

> IIRC that's already implemented by the authn forward middleware that sends the token to all API calls. I believe what's missing in this PR is some helper functions to...