Am I correct in thinking that, since Oathkeeper is for both edge routing / auth and service to service routing / auth that most of my application requests should be directed at Oathkeeper now?
For example, I’m using Docker Compose and have Oathkeeper’s container name set to ok.test, so now instead of having service-one make a request to service-two, I would update it to make a request to service-two.ok.test and have Oathkeeper’s upstream URL for that route set to service-one?
Also, I understand HashiCorp Consul has service to service ACLs. Is Oathkeeper comparable to that, but also able to be used for end user auth?