One of the great things about Istio is that it provides a solid mechanism for service to service auth within a mesh using mTLS and AuthorizationPolicy

But what if the thing accessing your services is not in the mesh. What if it’s a person and not a process? What if it’s a customer instead of an employee in your organization?

Suddenly, the options and tools to fulfill them become overwhelming. Let’s break down our patterns and tools to determine which to use and when.