I think it would be nice to provide a layer of security to backend api providers besides mutual TLS. I want to develop it out as a plugin for the community.
Question for Kong developers is this - As someone new to making plugins do you believe that I can leverage the existing Kong JWT plugin for most of the functionality for generating a JWT and sending it to the backend? I think I also will be implementing a x509 cert in the claims of the JWT.
Any tips on how one might go about accomplishing it? Clone the JWT plugin folder and go from there?