1. Proposed title of this feature request: Introduce ability to force authentication against more than one token on an endpoint
2. What is the nature and description of the request? CU Architecture is dependent upon this behavior
3. Why does the customer need this? (List the business requirements here) CU is passing a JWT with two headers, x-scope-token and Authorization: bearer. To ensure that any user attempting to access this endpoint has the required credentials, two headers are passed effectively passing two tokens to be validated.

4. List any affected packages or components.
Openshift Service Mesh 2.5