I’ve got 4 websites with different domains and different auth services. All of them are using jwt for authentication. All of them are located in separate names paces, except the data storage which are in a namespace used by all of them. Now I’d like to use the jwt authentication policies of istio. But on some sites it’s mentioned that I’ve got to enable the service account token projection in kubernetes to use that policies.
Is that true or can I use the policies without the projections?