New jwt_auth rule
I’m currently using a proxy to authenticate the user with a JSON Web Token and pass the X-Forwarded-User header to a ‘proxy_auth’ configured ES server.
It would be great if a new rule were implemented to cover this use case
And I believe I could give a try to this. Looks easy enough.
The config would look something like this:
# For symmetric encryption
# The JWT claim used as replacement of
# the @user placeholder
I think that covers my current needs. But some other features like asymmetric JWT would be cool too.
The token may also include extra information that could be made available to subsequent rules. That would be awesome.
Let’s do this?