Skip to main content

ValidateDataplane

POST 
/configurator/v1/validate-dataplane

ValidateDataplane lets a data plane's filter confirm that this DP is still a valid (non-revoked) member of the customer and fetch the customer's current gatekeeper public keys. Authentication is via the caller's service-account JWT signed with its DP keypair (kid=instance-<...>). When the DP keypair has been soft-deleted at MP, the auth layer rejects the call with Unauthenticated — the filter treats that as "revoked" without needing a separate response field. On success, the response carries the customer's gatekeeper public keys so the filter can repopulate its in-memory cache (and the worker can repopulate tars-config[gatekeeper-public-keys]).

Request

Responses

Success