Hey there! Hope you're all well.
Does anyone have any experience of using bearer-only authentication with ktor?
The use case is as follows:
I have a frontend SPA which connects to an instance of Keycloak to authenticate.
I have a microservice running on the backend using ktor. I want to make sure that the calls I'm getting on that microservice are authenticated.
Keycloak supports a bearer-only client mode, which allows me to just send the bearer token from the frontend to the backend, validate it and proceed. I can do all that manually, but my question is:
Is there a way to configure the Authentication plugin to do this?
Should I just configure an interceptor that grabs the bearer token and validates it manually against the auth server?
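
One way to handle this with the Authentication plugin rather than a hand-written interceptor, shown as an added example that is not part of the original post: the `jwt` provider from `ktor-server-auth-jwt` (Ktor 2.x assumed) verifies the bearer token's signature locally against the realm's published keys and checks issuer and audience. The Keycloak host, realm name `demo`, audience `my-backend`, provider name `keycloak` and the `/me` route are placeholders.

```kotlin
import com.auth0.jwk.JwkProviderBuilder
import io.ktor.http.HttpStatusCode
import io.ktor.server.application.*
import io.ktor.server.auth.*
import io.ktor.server.auth.jwt.*
import io.ktor.server.response.*
import io.ktor.server.routing.*
import java.net.URL
import java.util.concurrent.TimeUnit

fun Application.configureBearerAuth() {
    // Placeholders: replace with your Keycloak base URL, realm and backend client id.
    val issuer = "https://keycloak.example.com/realms/demo"
    val audience = "my-backend"

    // Keycloak publishes the realm's signing keys (JWKS) under the issuer URL.
    // Caching and rate limiting keep key lookups from hitting Keycloak on every request.
    val jwkProvider = JwkProviderBuilder(URL("$issuer/protocol/openid-connect/certs"))
        .cached(10, 24, TimeUnit.HOURS)
        .rateLimited(10, 1, TimeUnit.MINUTES)
        .build()

    install(Authentication) {
        jwt("keycloak") {
            realm = "backend"
            // Checks signature, expiry and the `iss` claim; allows 3 s of clock skew.
            verifier(jwkProvider, issuer) { acceptLeeway(3) }
            validate { credential ->
                // Reject tokens minted for another client. `aud` may be absent, hence the
                // null-safe call. Assumption: the realm adds the backend's client id to
                // `aud` (for example through an audience mapper).
                if (credential.payload.audience?.contains(audience) == true) {
                    JWTPrincipal(credential.payload)
                } else null
            }
            challenge { _, _ ->
                call.respond(HttpStatusCode.Unauthorized, "Token is missing, invalid or expired")
            }
        }
    }

    routing {
        authenticate("keycloak") {
            get("/me") {
                val principal = call.principal<JWTPrincipal>()!!
                call.respondText("Hello, ${principal.payload.subject}")
            }
        }
    }
}
```

Because verification is local, a token revoked in Keycloak stays valid at the backend until it expires, so short access-token lifetimes matter with this setup.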