Cloud-native gateways support multiple authentication methods to verify the identity of API callers and control access to your backend services.
In a microservices architecture, services are not directly exposed to external users (clients). A gateway sits between clients and services as an access control point, authenticating incoming requests based on configurable policies.
Gateway authentication methods
Cloud-native gateways support multiple authentication methods, including JSON Web Token (JWT), OpenID Connect (OIDC), Identity as a Service (IDaaS), and custom authentication.
- JWT (JSON Web Token)
Cloud-native gateways use JWTs to authorize access to your APIs. The gateway verifies the identity of each requester and decides whether to return the requested resources. Because tokens carry all necessary authentication information, applications do not need to store user sessions on the server side, enabling stateless and distributed authorization.
For more information, see Configure JWT authentication.
- OpenID Connect (OIDC)
OIDC is an authentication protocol that allows third-party applications to obtain user information from identity providers in a secure and reliable manner. It extends OAuth 2.0 by adding an ID token that carries basic user identity information. The ID token is a signed JWT, which makes it self-contained and tamper-evident, and easy to transmit and verify.
For more information, see Configure OIDC authentication.
- IDaaS (Identity as a Service)
IDaaS provides centralized management of identities, permissions, and applications. Cloud-native gateways integrate with IDaaS to deliver a comprehensive identity authentication solution.
For more information, see Configure IDaaS authentication.
- Custom authentication
If client requests contain tokens in a custom format, the servers must call a unified authentication service to validate them. You can connect a cloud-native gateway with a custom authentication service to centrally manage authentication for all your backend services.
For more information, see Configure custom authentication.