Expand description
JWT authentication and route-level authorization.
Validates Authorization: Bearer JWTs against a configured key source (an
Ed25519 PEM file or a JWKS endpoint), enforces per-route policies
(require_auth / required_roles), and forwards selected claims to the
upstream as request headers. Active only when auth.mode == "jwt".
Modules§
- authz
- External authorization via the Envoy ext_authz gRPC contract.
- forward
- Forward-auth verification endpoint.
- jwks
- JWKS fetching and key cache.
- policy
- Route-level access policies.
Structs§
- Auth
- Compiled auth configuration: keys, expected claims, and route policies.
Functions§
- middleware
- Axum middleware enforcing JWT auth and route policies.