The documentation you are viewing is for Dapr v1.9 which is an older version of Dapr. For up-to-date documentation, see the latest version.
Bearer
Use bearer middleware to secure HTTP endpoints by verifying bearer tokens
The bearer HTTP middleware verifies a Bearer Token using OpenID Connect on a Web API without modifying the application. This design separates authentication/authorization concerns from the application, so that application operators can adopt and configure authentication/authorization providers without impacting the application code.
Component format
apiVersion: dapr.io/v1alpha1
kind: Component
metadata:
name: bearer-token
spec:
type: middleware.http.bearer
version: v1
metadata:
- name: clientId
value: "<your client ID>"
- name: issuerURL
value: "https://accounts.google.com"
Spec metadata fields
| Field | Details | Example |
|---|---|---|
| clientId | The client ID of your application that is created as part of a credential hosted by a OpenID Connect platform | |
| issuerURL | URL identifier for the service. | "https://accounts.google.com", "https://login.salesforce.com" |
Dapr configuration
To be applied, the middleware must be referenced in configuration. See middleware pipelines.
apiVersion: dapr.io/v1alpha1
kind: Configuration
metadata:
name: appconfig
spec:
httpPipeline:
handlers:
- name: bearer-token
type: middleware.http.bearer
Related links
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.
Last modified June 24, 2021: upmerge/06-24 (#1588) (55d9123c)