Equivalent to traefik forwardAuth (external authorization in istio)


We are building an API gateway in which we want to authorise requests against our existing OAuth2 Authentication Provider. In traefik there is the option to use the forwardAuth middleware to pass headers to the Provider which will return a 200 or otherwise which traefik will act upon.

I know there are EnvoyFilters that might possibly fill the gap here, but I’m not 100% on exactly what these should look like to meet our needs, and if there if something a little less low-level that we could use instead.