We are implementing Istio in existing architecture, where inter service communication is not authorized via JWT tokens, authorization is made at system entry point (custom API GW component) after which headers are stripped.
I have tried with test configuration for Istio with request authentication and authorization policies placed on namespace/workload level.
Problem I am facing that downstream services are protected via own authorization policies which expect jwt claims, but in current ms implementation jwt is not propagated in service to service HTTP communication.
I would like to avoid changes in ms implementation (jwt propagation).
Is Istio capable of passing automatically Authorization headers in service mesh?