JWT claims validation


Hi all,
is there any vision to support JWT claims contents validation in istio?

Kind regards


What kind of content validation you want to make ?

Right now, you can check the user (via its jwt) have a specific claim to associtate him to a specific ServiceRole and ServiceRoleBinding.

You have some inbformation about this in the RBAC documentation in the istio documentation


Yeah, currently we support simple string match on JWT claims. In 1.1, we will also support matching on claim of list string: https://preliminary.istio.io/docs/tasks/security/rbac-groups/#configure-the-authorization-of-list-typed-claims.