Client authentication

Mesh server could be configured to protect its gRPC API so that only authenticated users that are assigned to specific roles can access it. There are two options:

• Kerberos, where Mesh authenticates users and grants access to specific APIs based on what AD groups the authenticated users belong to.

• External access token, where users authenticate and request access to Mesh from external authorization servers, and Mesh validates the access token that is obtained from the authorization server.

• Kerberos
  • Windows Kerberos
  • MIT Kerberos (Linux/MacOS)
  • Example
  • Internals
• External authorization
  • Token format
  • Example
  • Internals