common icon indicating copy to clipboard operation
common copied to clipboard
verified publisher icon prometheus

web: Support jwt/bearer token auth

Open jkroepke opened this issue 1 year ago • 2 comments

Adding jwt token auth in addition to basic auth would be a great benefit for in-cluster service authentication.

The kubernetes service account tokens are OIDC compliant and short-living which increases the security compared to static auth basic credentials. the common library could use a JWKS (JSON Web Key Set) to validate the signature of tokens.

Since the common web package is used in a lot of exporters, node_exporter could be secured by jwt auth. Prometheus already support bearer token auth at scrape jobs.

jkroepke avatar Feb 03 '24 08:02 jkroepke

Any updates to this? Been almost a year

tpanza avatar Jan 18 '25 01:01 tpanza

+1

mdscarlos avatar Jan 27 '25 11:01 mdscarlos