CR AccessControl

Airlock Microgateway can be configured to perform authorization, authentication and identity propagation using the CR AccessControl. For session handling, access control requires a Microgateway Session Agent setup with a Redis database. See also article Microgateway Session Agent.

Currently, only basic OpenID Connect (OIDC) support is available for testing purposes. Future Airlock Microgateway releases will add configuration options for use in production environments.

This CR needs to be referenced in the CR SidecarGateway.

Example configuration

For the default and an example configuration, see CR AccessControl reference documentation.

  • About the example configuration:
  • The CR OIDCRelyingParty specifies how the Airlock Microgateway Engine interacts with an OpenID Provider (OP) to authenticate the user.
  • The CR IdentityPropagation specifies how the identity of the authenticated user is propagated from the Microgateway Engine to the back-end.