|
|
|
|
|
|
by devman0
395 days ago
|
|
|
Header passthrough is nice to have, but there isn't really a standard for it for TLS, and it isn't well supported by most applications that are interested in doing mTLS. Additionally there is a trust component required between proxy and application and while can be accounted for in the architecture between the two a JWT instead passes through nicely and can be independently validated by the application. |
|
|