Any recommendations for using Auth0 + NGINX + k8s together please?
We want to run our REST APIs on k8s, with nginx as an API gateway. At the API gateway level we want to handle integration with Auth0 for API authentication.
Is this a use case you see a lot? Any other recommendations for an API gateway would be appreciated also if nginx (free version) + Auth0 isn’t ideal for this use case.
I confess it’s the first time I’m seeing that trio together, but the Auth0 + NGINX combination is more common. Looking at NGINX features (https://www.nginx.com/products/feature-matrix/) it seems that the Plus edition would be the one with API Gateway built-in functionalities like (Module ngx_http_auth_jwt_module) which would allow integration with any authorization server issuing JWT bearer tokens (Auth0 in your scenario).
In the free version I believe you would have to build your own JWT validation logic into NGINX; for example, there was this Lua-based script that validated JWT’s, however, the repository is no longer being maintained. In conclusion, it may be possible, but it seems the API Gateway usage scenario is more aligned with the use of NGINX Plus.