Simple verification token / auth for reverse proxy
Ben Woodward
It'd be great if there was a way to ensure that only requests coming from my reverse proxy are allowed. This could be as simple as a shared secret between the reverse proxy and stellate that is send as a header from the proxy, and used by stellate to verify the request.
Having a reverse proxy is useful as it makes it easy to add other on-the-fly security configs like blocking specific IPs and enabling CORS.
Thomas Heyenbrock
Hey Ben Woodward 👋 Stellate supports signing requests where we add a signature inside a HTTP header with the request sent to your origin server. You can find all the details about it in our docs: https://stellate.co/docs/platform/request-signing
Is this something that would solve your use case? If not, what are the missing parts?
David Barrat
Ben Woodward Sounds like a Zero Trust use case, I'm building something like this for securing endpoints/proxyied requests.