4data provides tailored cloud services to solve specific problems without requiring customers to increase their local infrastructure footprint. All these services can be managed remotely via our management application, which runs entirely in the browser and communicates via REST APIs. This is where KrakenD joins the game to protect our backend REST API endpoints, both internal and external.
The main challenge was to protect endpoints from unauthenticated access. Wherever required, KrakenD applies JWT validation to ensure only authenticated requests reach the backend services.
Initially, the JWT validation was done in each backend service and had to be maintained in different locations. Additionally, the JWT contains important information about the requesting customers, which needs to be available in the backend. The KrakenD JOSE Validation Plugins allowed us to easily configure a JWKs URL to get the related keys for signature validation, claim validation (like issuer & audience), and forwarding of specific claims within the upstream request header.
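As an added illustration (not 4data's actual configuration), a KrakenD endpoint that validates tokens at the gateway and forwards selected claims upstream could look like the following. The hostnames, endpoint path, header names and the `roles` claim are constructed placeholders.

```json
{
  "$schema": "https://www.krakend.io/schema/v3.json",
  "version": 3,
  "endpoints": [
    {
      "@comment": "Constructed example: hosts, paths, headers and claim names are placeholders",
      "endpoint": "/v1/customers/{id}",
      "method": "GET",
      "input_headers": ["X-Customer-Id", "X-Customer-Roles"],
      "extra_config": {
        "auth/validator": {
          "alg": "RS256",
          "jwk_url": "https://idp.example.com/.well-known/jwks.json",
          "issuer": "https://idp.example.com/",
          "audience": ["https://api.example.com"],
          "cache": true,
          "disable_jwk_security": false,
          "propagate_claims": [
            ["sub", "X-Customer-Id"],
            ["roles", "X-Customer-Roles"]
          ]
        }
      },
      "backend": [
        {
          "host": ["http://customer-service.internal.example:8080"],
          "url_pattern": "/customers/{id}"
        }
      ]
    }
  ]
}
```

Headers named in `propagate_claims` must also be listed in `input_headers`, otherwise they are not passed to the backend. Backends that trust these headers should only be reachable through the gateway.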
Why KrakenD? Others can do this as well! Yes, other API Gateways provide similar functionality! But is functionality the only KPI? At 4data we strongly believe that products must be easy to use, with a small footprint, and good performance. This is exactly what KrakenD does (and more)!
Stefan Mantel is a Cloud Architect at 4data.ch