Ory is the largest open source community in the world for cloud software application security. We maintain advanced open source security software solving authentication, authorization, access control, application network security, and delegation. Ory implements a variety of industry and best-practice standards including OAuth 2.0 / OAuth 2.1, OpenID Connect, Zero Trust Networking, Google Zanzibar Policy Framework, FIDO2 U2F, WebAuthn, TOTP, and more.

Ory Community

Hello everyone, I have been struggling with oathkeeper rules to support a whitelist approach, since writing a rule for every path in my API will become tedious at some point. so unfortunately the golang regular expression engine doesn't support negative look ahead and relying on glob with ordering the rules by specifity is not really reliable.
has anyone implemented a whitelist approach in their rule system? I would be very greatful for any reliable solution. the copitlot was not much of a help. it mentioned the `priority` feature for rules, however it doesnt seem that the oathkeeper maester CRDs support that. any insight would be really appreciated