Ladies and Gentlemen,
Have one question - what are options for SSO for Istio?
I have a requirement - X.509 certificate based SSO for a client accessing an app running in mesh behind Istio Ingress gateway, while IdP for SSO is provided by the third party and is running outside of k8s cluster.
The IdP/SSO currently works for apps running on other k8s cluster but without Istio using SAML2. Question is - how to have the same functionality for the apps running in Istio mesh.
I did some reading and came with rfc8705 and rfc7522 but neither of them are supported by envoy proxies in Instio.