Description
Currently CredentialRegistry doesn't support authorization with an Identity Provider like KeyCloak. We had to remove validating access when the Registry application tried to reach the context json located in the RMTL application. We need this feature because we cannot leave routes with no policies in production.
Essentially, Credential Registry needs to support JWT authentication and being able to pass JWT tokens to allow RMTL to validate access.
From #784
Need to support KeyCloak or similar Identity Provider to even the authN/Z logic for integrating with other apps that use OpenIdConnect and JWT based token-auth patterns for Role Based Access Control.
The current authorization token leaves integration gaps that we would deprecate soon after KeyCloak support is available.
Let me know if you have questions.