tldr - powered by Generative AI

• Providing libraries and side cars for authentication and authorization is not scalable and difficult to maintain
• Enforcement of authentication and authorization needs to be mandatory
• JWT tokens become too large as permissions increase
• Policies for user access are buried deep within applications, making auditing difficult
• Lack of control over code that validates tokens limits ability to improve authentication and authorization