Replies: 1 comment
-
|
https://docs.nginx.com/nginx-ingress-controller/releases/#500 |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
If a user configures a JWT Policy https://docs.nginx.com/nginx-ingress-controller/configuration/policy-resource/#jwt-using-local-kubernetes-secret and also a rate limit policy https://docs.nginx.com/nginx-ingress-controller/configuration/policy-resource/#ratelimit , currently, it is not possible to use JWT claims (like sub) as a rate limiting key.
Supporting rate limiting based on JWT claims will enable more granural rate limiting -- it will be possible to use information about an authenticated user.
Here is an example of such rate limiting in the native NGINX Plus configurtion -- https://www.nginx.com/blog/authenticating-api-clients-jwt-nginx-plus/#Leveraging-JWT-Claims-for-Logging-and-Rate-Limiting
Related: #4417
Beta Was this translation helpful? Give feedback.
All reactions