Why not give us some signed JWTs for external authentication.
Secrets is only good for legacy systems.