we need here some authorization control similar to Turnpike for services which goes through gateway - it could be done based on scopes on the JWT or LDAP groups(turnpike now).

Like to allow requests to specific endpoints which meet specific requirements. (for example identify service account from JWT scope which is allowed to reach notification service)