Documentation
Security
Backend authentication

Backend authentication

When connecting to a backend, an authentication token can be attached to each request using the backend authentication policy.

To attach a static key as an Authorization value, use key:

backendAuth:
  key: $MY_API_KEY

A filepath can also be used:

backendAuth:
  key:
    file: /path/to/my/key

When using JWT authentication, the original token is removed by default. To add it back, the passthrough method can be used:

backendAuth:
  passthrough: {}

Google Application Default Credentials can also be used, which can be useful when connecting to GCP services:

backendAuth:
  gcp: {}

AWS authentication can be used to sign requests to AWS services:

backendAuth:
  aws:
    # Specify access key and session token
    # Alternatively, leaving this empty will use the standard AWS credential lookup (https://docs.aws.amazon.com/sdkref/latest/guide/access.html) based on the environment
    accessKeyId: "$AWS_ACCESS_KEY_ID"
    secretAccessKey: "$AWS_SECRET_ACCESS_KEY"
    sessionToken: "$AWS_SESSION_TOKEN"
    region: us-west-2
Backend TLS