The bearer HTTP middleware verifies a Bearer Token using OpenID Connect on a Web API without modifying the application. This design separates authentication/authorization concerns from the application, so that application operators can adopt and configure authentication/authorization providers without impacting the application code.
apiVersion: dapr.io/v1alpha1 kind: Component metadata: name: bearer-token spec: type: middleware.http.bearer version: v1 metadata: - name: clientId value: "<your client ID>" - name: issuerURL value: "https://accounts.google.com"
Spec metadata fields
|clientId||The client ID of your application that is created as part of a credential hosted by a OpenID Connect platform|
|issuerURL||URL identifier for the service.||
apiVersion: dapr.io/v1alpha1 kind: Configuration metadata: name: appconfig spec: httpPipeline: handlers: - name: bearer-token type: middleware.http.bearer