The Meecrogate API gateway solution supports JWT authentication and claims control. Configure your API gateway to authenticate incoming requests using JWT tokens.
JWT tokens contain claims that provide information about the user and their permissions. Define custom claims in your JWT payload to represent user roles. For example, you might have a claim like "role": "admin" or "role": "user".
In the Control Station, select the API Operation to which the RBAC policy should apply, so that the API Gateway validates JWT tokens and extracts the role claim. Based on the role claim extracted from the JWT token, allow or deny access to specific API resources. For example, if a user with the "admin" role accesses an API resource, allow the request to proceed. If a user with the "user" role tries to access the same resource, deny the request.
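The check described above, sketched in Python as an added example; it is not Meecrogate's own code or configuration. It assumes HS256 tokens signed with a shared key and a required "exp" claim, and the POLICY table, operation paths and key are constructed for illustration.

```python
import base64, hashlib, hmac, json, time

# Constructed policy (hypothetical operations): which roles may call each one.
POLICY = {("GET", "/orders"): {"admin", "user"}, ("DELETE", "/orders"): {"admin"}}

def b64url_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def b64url_decode(part):
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def sign(head, body, key):
    return hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()

def make_token(claims, key, alg="HS256"):
    """Build a constructed sample token for this demo."""
    head = b64url_encode(json.dumps({"alg": alg, "typ": "JWT"}).encode())
    body = b64url_encode(json.dumps(claims).encode())
    return f"{head}.{body}.{b64url_encode(sign(head, body, key))}"

def verify(token, key, now=None):
    """Return the claims if signature and expiry check out, otherwise None."""
    try:
        head, body, sig = token.split(".")
        header = json.loads(b64url_decode(head))
        # Pin the algorithm so a token declaring "none" or another alg is rejected.
        if not isinstance(header, dict) or header.get("alg") != "HS256":
            return None
        if not hmac.compare_digest(sign(head, body, key), b64url_decode(sig)):
            return None
        claims = json.loads(b64url_decode(body))
    except (ValueError, TypeError, AttributeError):
        return None
    exp = claims.get("exp") if isinstance(claims, dict) else None
    if not isinstance(exp, (int, float)) or exp <= (time.time() if now is None else now):
        return None
    return claims

def authorize(token, key, method, path, now=None):
    """Deny by default: bad token, missing role or unlisted operation all fail."""
    claims = verify(token, key, now)
    role = claims.get("role") if claims else None
    allowed = POLICY.get((method, path), set())
    return isinstance(role, str) and role in allowed

if __name__ == "__main__":
    key, t0 = b"constructed-demo-key", 1_700_000_000
    tok = make_token({"sub": "bob", "role": "user", "exp": t0 + 60}, key)
    print(authorize(tok, key, "GET", "/orders", t0), authorize(tok, key, "DELETE", "/orders", t0))
```

The role claim is read only after the signature verifies, so a payload edited to say "admin" without the signing key is denied rather than trusted.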