Envoy Proxy

Envoy Proxy External Authorization API

The Envoy External Authorization API provides a gRPC or HTTP interface for delegating authorization decisions to an external service. When a request arrives, Envoy calls the ext_authz service, which can approve, deny, or modify the request before it is forwarded to the upstream. This enables policy-based access control enforced at the proxy layer.

GitHub

Documentation

📖
Documentation
https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/ext_authz_filter

SDKs

📦
GitHubRepository
https://github.com/envoyproxy/envoy

Other Resources

🔗
Reference
https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/filters/http/ext_authz/v3/ext_authz.proto

API entry from apis.yml

apis.yml Raw ↑ 
aid: envoy-proxy:external-authorization-api
name: Envoy Proxy External Authorization API
tags:
- Authorization
- gRPC
- Proxies
- Security
humanURL: https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/ext_authz_filter
properties:
- url: https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/ext_authz_filter
  type: Documentation
- url: https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/filters/http/ext_authz/v3/ext_authz.proto
  type: Reference
- url: https://github.com/envoyproxy/envoy
  type: GitHubRepository
description: The Envoy External Authorization API provides a gRPC or HTTP interface for delegating authorization
  decisions to an external service. When a request arrives, Envoy calls the ext_authz service, which can
  approve, deny, or modify the request before it is forwarded to the upstream. This enables policy-based
  access control enforced at the proxy layer.