AuthService settings

A Mapping can pass these settings along to an AuthService. This is helpful to allow these specific configurations to apply only to certain Mappings and not globally.

Bypass authentication

An AuthService can be disabled for a specific Mapping with the bypass_auth attribute. This will tell Emissary to allow all requests for that Mapping through without interacting with the external auth service. This could be helpful, for example, for a public API.

bypass_auth: true

Context extensions (gRPC only)

The auth_context_extensions attribute will pass the given values along to the AuthService when authentication happens. This is only supported when the proto of the AuthService is grpc, which is a restriction of the underlying Envoy implementation. The values are arbitrary key value pairs formatted as strings.

auth_context_extensions:
  foo: bar
  baz: zing

More information is available on the Envoy documentation on external authentication.

Feedback

Was this page helpful?

Glad to hear it! Please tell us how we can improve.

Sorry to hear that. Please tell us how we can improve.

Last modified September 9, 2024: Update all 1.14 metadata to fix navigation (c0afada)