We are exposing Oathkeeper behind our security component that encrypts routes - for every request, a session is created and the available resources are encrypted for that session.
The main idea of our security component is to call the root entry point that you set and retrieve all resources available for that resource.
In our case, we are setting the root entry point to the Ory Oathkeeper proxy, but we can’t retrieve every “route” available, so we need to set every single URL match in our security component - for now, it’s not a problem because we have just a few rules.
I was about to create an external API that was going to respond on / and do a kind of parse of /rules to respond in HATEOAS format, but it would be nice to have something native in Oathkeeper instead of needing to create an external API and add a new rule that bypasses the authenticator, authorizer and mutators just to get the list of “resources” available.
Basically, I would like to handle a “match url” from Oathkeeper rules as a resource. My idea is to expose something extra in case other people face the same point that we are facing, but I’m not sure if it makes sense to expose this kind of route to solve a problem that is probably not a “real problem”.
Do you think it makes sense to have something like that in Oathkeeper in scenarios where you cannot expose anything directly?
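
The external API described in the post, sketched as an added example (not part of the original post and not Oathkeeper's own code). It assumes the JSON array that Oathkeeper's GET /rules returns and a hypothetical `_links` output shape, and it decodes only `id` and `match` so upstream addresses and handler configuration stay out of the published list.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Rule decodes only id and match; upstream and handler config are never read.
type Rule struct {
	ID    string `json:"id"`
	Match struct {
		URL     string   `json:"url"`
		Methods []string `json:"methods"`
	} `json:"match"`
}

// Link is a hypothetical HATEOAS entry: the rule's match URL and its methods.
type Link struct {
	Href    string   `json:"href"`
	Methods []string `json:"methods"`
}

// BuildIndex turns the JSON array from GET /rules into {"_links": {id: Link}}.
func BuildIndex(rulesJSON []byte) (map[string]map[string]Link, error) {
	var rules []Rule
	if err := json.Unmarshal(rulesJSON, &rules); err != nil {
		return nil, fmt.Errorf("decode rules: %w", err)
	}
	links := make(map[string]Link, len(rules))
	for _, r := range rules {
		if r.ID == "" || r.Match.URL == "" {
			continue // incomplete rule: publish nothing rather than an empty link
		}
		links[r.ID] = Link{Href: r.Match.URL, Methods: r.Match.Methods}
	}
	return map[string]map[string]Link{"_links": links}, nil
}

// Constructed sample of a /rules response, not taken from a real deployment.
const sampleRules = `[
 {"id":"orders","upstream":{"url":"http://orders.internal.example:8080"},
  "match":{"url":"https://api.example.com/orders/<.*>","methods":["POST","GET"]}},
 {"id":"health","match":{"url":"https://api.example.com/health","methods":["GET"]}},
 {"id":"broken","match":{"url":"","methods":["GET"]}}]`
func main() {
	idx, err := BuildIndex([]byte(sampleRules))
	out, _ := json.MarshalIndent(idx, "", "  ")
	fmt.Println(string(out), err)
}
```

Match URLs that contain `<...>` expressions are patterns rather than concrete links, so a consumer of this index has to treat them as such.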