Ory is the largest open source community in the world for cloud software application security. We maintain advanced open source security software solving authentication, authorization, access control, application network security, and delegation. Ory implements a variety of industry and best-practice standards including OAuth 2.0 / OAuth 2.1, OpenID Connect, Zero Trust Networking, Google Zanzibar Policy Framework, FIDO2 U2F, WebAuthn, TOTP, and more.

Ory Community

We are running a kubernetes cluster with nginx controller. Now we want to add oathkeeper as a policy decision point.
Is it possible to use mutators in this case? How can I tell nginx to transform the request header?

If this is not possible how can I add oathkeeper as a proxy in between nginx and my actual webservice (deployment)? I would prefer to run only one instance of oathkeeper. But I think I'm this case I would need to deploy oathkeeper as a sidecar. :/

Found this in the docs:

&gt; The Access Control Decision API will return the mutated result as the HTTP Response.
&gt; 
This might be something that I can grab with nginx to modify the original request.