Expose and secure a workload with JWT

This tutorial shows how to expose and secure services or Functions using API Gateway Controller. The Controller reacts to an instance of the APIRule custom resource (CR) and creates an Istio VirtualService and Oathkeeper Access Rules according to the details specified in the CR. To interact with the secured workloads, the tutorial uses a JWT token.

You can use it as a follow-up to the Set up a custom domain for a workload tutorial.


This tutorial is based on a sample HttpBin service deployment and a sample Function. To deploy or create them, follow the Create a workload tutorial. To obtain JWT take a look at Get a JWT tutorial.

Expose, secure, and access your workload

  • HttpBin
  • Function