github
/
consul
mirror of https://github.com/hashicorp/consul
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Backport of [Docs] Add note to jwt docs to specify the need for ACLs into release/1.16.x (#18987) 

backport of commit 49050446ab

Co-authored-by: Ronald Ekambi <ronekambi@gmail.com>
pull/18988/head
hc-github-team-consul-core 2023-09-22 13:31:36 -04:00 committed by GitHub
parent e81b8a3964
commit 91267027de
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
website/content/docs/connect/intentions/jwt-authorization.mdx
View File

@ -26,6 +26,10 @@ When configuring your deployment to enforce service intentions with JSON Web Tok
When you set the `JWT{}.Providers` field in a service intentions configuration entry to the wildcard `*`, you can configure default behavior for all services that present a token that matches an existing JWT provider configuration entry. In this configuration, services that have a valid token but do not have a more specific matching intention default to the behavior defined in the wildcard intention. When you set the `JWT{}.Providers` field in a service intentions configuration entry to the wildcard `*`, you can configure default behavior for all services that present a token that matches an existing JWT provider configuration entry. In this configuration, services that have a valid token but do not have a more specific matching intention default to the behavior defined in the wildcard intention.
## Requirements
* **Enable ACLs**. Verify that ACLs are enabled and that the default_policy is set to deny.
## Usage ## Usage
To configure Envoy proxies in the service mesh to validate JWTs before forwarding requests to servers, complete the following steps: To configure Envoy proxies in the service mesh to validate JWTs before forwarding requests to servers, complete the following steps: