Add OIDC Auth to EPR #89
Description
Planning to add OIDC support to EPR by way of Keycloak. The goal is to require authentication on most endpoints. This is a stepping stone to implementing RBAC.
Stuff we need:
- Doc on spinning up Keycloak and getting it configured (or a script).
- Figure out the auth flow for a user interacting with EPR. Getting them a raw JWT is good enough for the first pass.
- Add Keycloak to the deployment with the other prereqs.
- Add some EPR middleware to validate access tokens.
May need to split these into multiple tickets.