API cookbook
Orionis keeps caller, resource, and auth-server integration blocks readable.
Calling service
hc, err := client.New().
TokenURL("http://orionis-auth.internal/oauth/token").
As("orders-service", "load-from-secrets-manager").
For("billing-api", "billing.invoice.create").
BuildHTTPClient(http.DefaultClient)
GIN resource service
guard, err := ginorion.New().
Issuer("http://orionis-auth.internal").
Audience("billing-api").
JWKS("http://orionis-auth.internal/.well-known/jwks.json").
Build()
r.POST("/invoices", guard.Require("billing.invoice.create"), handler)
Auth server endpoints
POST /oauth/token
GET /.well-known/jwks.json
GET /.well-known/openid-configuration
GET /healthz
GET /readyz