Hello,

I'm looking for help to integrate ApigeeX with Istio service mesh onto an existing microservices backend. We have been able to setup the apigee-remote-service-envoy and envoy filter in our K8S cluster to securize requests targeting microservices with api-keys generated and managed into the ApigeeX Saas application. The wanted and effective result is a HTTP 200 when the right key is provided and a HTTP 403 when is not provided.

This allow us to add a layer of control and security without doing extra développement to achieve that.

This setup is ok when we talk about request with a cURL or a frontend, but we would also like to securize inter-microservices communications. When the ms-A call --> ms-B that implie ms-A should retrieve his own api-key from ApigeeX Saas and to automaticaly add x-api-key header to each request done.

That's with this last point that we are struggling and looking for solution.

Thank's you for reading,
Any inputs would help.