JWT Policy using local jwks

#1

I see that Envoy api supports a file based jwks using something like:

local_jwks:
filename: /etc/envoy/jwks/jwks1.txt

Looking through the Istio JWT examples and source code, I am not clear as to whether this is supported yet via the Istio authentication implementation. Everything seems to simply reference the usage of jwksUri: “https://myjwksendpoint.com

Can someone please clarify if Istio does support either using a local file or inline string for the jwks?

Thanks!

0 Likes

#2

@YangminZhu @liminwang

0 Likes

#3

This is currently not supported in the JWT API, we have plans to support using inline string, probably in Istio 1.3. There is no plan to support local file for now.

0 Likes