Protected Endpoint

ProtectedEndpoint defines the endpoint that needs authorization to access.

For example, the default configuration for Kalm dashboard would look as follows:

kind: ProtectedEndpoint
name: kalm
namespace: kalm-system
name: kalm
allowToPassIfHasBearerToken: true
- 3001

It protects the 3001 port of the kalm component.

Protected Endpoint

namestringname of the endpointTrue
typeProtectedEndpointTypetype of protected endpointTrue
portsuint32[]the protected service portsFalse
groupsstring[]groups the user should be in to access protected endpoint.False
allowToPassIfHasBearerTokenboolAllow auth proxy to let the request pass if it has bearer token. This flag should be set carefully. Please make sure that the upstream can handle the token correctly. Otherwise, client can bypass Kalm SSO by sending a not empty bearer token.False


PortProtect a single port of a component
ComponentProtect all ports of a component
HttpRouteProtect all ports that receive traffic from this route
Last updated on by Liu Mingmin