Authentication using an upstream JWT Token header - mostly this is a Bearer token in an Authorization header.
One can customize which claims should be mapped to user and/or groups.