Securing Dapr deployments

Best practices and instructions on how to secure your Dapr applications

Setup & configure mutual TLS

Encrypt communication between Dapr instances

Configure API authorization with OAuth

Enable OAUTH authorization on Dapr endpoints for your web APIs

Enable API token authentication in Dapr

Require every incoming API request for Dapr to include an authentication token before allowing that request to pass through

Authenticate requests from Dapr using token authentication

Require every incoming API request from Dapr to include an authentication token

Last modified September 17, 2021 : Merge pull request #1757 from georgestevens99/1440SecretKeyRefExplanation (620a5f8)