Tech
June 8

Why centralize legacy authentication at the ingress gateway

Tired of “just use JWT!” tutorials? Learn how to move your existing legacy authn/authz to a centralized service working together with your ingress gateway. Convert basic, bearer, or other authentication mechanisms into a common format, even handling multiple auth types for all your endpoints.‍
Talk abstract

Most platforms built over time will have a variety of API endpoints, either in a large monolithic codebase or spread across a few services. Ideally there will be a centralized way to handle authentication and authorization, but often they are built at different times for different needs, and can end up with their own separate authentication. This then becomes tricky to manage cohesively when either breaking up a monolith or handling identities consistently across a service-oriented architecture.

Whilst there are many approaches (all valid) to centralizing authentication, this talk looks at how existing legacy authentication code can be abstracted out to a new service. This can work in combination with an ingress gateway, to provide a central place to enforce authentication and determine authorization. Content will include how allow/deny logic works, how authentication information can be sent to downstream services, and how multiple authentication mechanisms can be handled by a single authentication service.

Andrew Kirkpatrick
Staff Engineer, PartnerStack

Related talks

Tech
June 9
Automate R&D workflows using serverless functions
As the cloud-native environment becomes increasingly complex and dynamic, it presents numerous challenges for platform teams. Managing software development manually is difficult and prone to human error and security issues, making automation essential for reducing workload and increasing security.
Michael Yuan
Founder & CEO, Second State
sponsored
Tech
June 8
Abstracting Kubernetes and setting standards with internal developer portals
Developers find it difficult to manage Kubernetes, let alone understand it when troubleshooting or developing in a shift left world. Internal developer portals can be used to abstract and whitelist K8s data and set standards through scorecards.
Suzanne Daniels
Developer Relations Lead, Port
sponsored
Tech
June 9
The current state and future of Internal Developer Portals
This session will cover how an internal developer portal and platform helps organizations, the current state of the internal developer portal product category, and the future of internal developer portals.
Seth Demsey
Co-Founder, configure8
sponsored
Tech
June 9
How to deploy Kotlin applications to Kubernetes without Dockerfiles
In this talk Lothar shares how to create docker images with Kotlin and Gradle only. Lothar will showcase a ktor application as well as create and deploy a Docker image that contains the application to a Kubernetes cluster. The deployment happens on the command line only - every code change will trigger an instant deployment of a newly created Docker image to a Kubernetes cluster.
Lothar Schulz
Head of Engineering, Miro
sponsored