I'm working on a gRPC server in python based on protocol buffers. I would like to differentiate the methods so that only some type of client can call certain methods.
The only possible solution that I came up is to implement the SSL/TLS bilateral authentication so the server can recognize the client from his cert, and then in each methods check if the client can or cannot call this method. I cannot use the Token-based authentication with Google because this should work also locally without internet access. I don't need really an authentication because I already know the clients that can use the server, I only need a mechanism to recognize them and limit the access to the methods.
Any suggestion?
Thank you