Blacklist JWT token

#1

I have Istio setup with JWT end user authentication on the ingress gateway.

I see that it is possible to blacklist a user by using the source.principal attribute but I was wonder if it would be possible to blacklist a token by using the JTI? Can I setup a rule that could add this value to the request headers or make a custom attribute?

Thank you for your help.

0 Likes