The task before us is to create a client facing api for a multi-tenant application using .NET Core. We are gravitating towards Ocelot as the solution for our api gateway. As a multi-tenant provider a requirement for us is that each client/tenant has their own private secret JWT validation key. This feature insures that validation can be managed on a the terms of the tenant. Ocelot, however being a popular choice in .NET Core is not clear (at least to me) on how to achieve this. Any suggestions on the best way to achieve this per-tenant strategy with Ocelot would be greatly appreciated?
Thanks ahead!