I have Istio setup with JWT end user authentication on the ingress gateway.
I see that it is possible to blacklist a user by using the
source.principal attribute but I was wonder if it would be possible to blacklist a token by using the JTI? Can I setup a rule that could add this value to the request headers or make a custom attribute?
Thank you for your help.