I have a k8s cluster with istio 1.12.1.
I was able to set up authentication and authorization using a keycloak server.
Using curl I’m able to:
- access the keycloak server and obtain a jwt token
- using the jwt token I can access variuos sevices
- obtaining a 200 http return code if jwt is valid and role is authorized
- obtaining a 403 http return code if jwt is valid and role is not authorized
Now I need to create and deploy a demo application that replicate the same behaviour.
Everything I tried ends up in passing the correct token to istio ingress but obtaining always a 403 http error code.
There is any example application to demostrate authentication and authorization with Istio?