[2.9.0] 1373 support authentication with service account tokens (#1402)

* Add JWT Authentication page for v2.9 feature #1373

* Update GitLab / HashiCorp reference

Co-authored-by: Billy Tat <btat@suse.com>

* Update location of JWT Authentication page

* Apply suggestions from code review for Intro

Co-authored-by: Marty Hernandez Avedon <marty.avedon@suse.com>

* Update title / get rid of note

* Update title (2)

* Add JWT Auth page to v2.9 docs

* Update JWT feature summary

* Apply suggestions from code review

Co-authored-by: Billy Tat <btat@suse.com>

---------

Co-authored-by: Billy Tat <btat@suse.com>
Co-authored-by: Marty Hernandez Avedon <marty.avedon@suse.com>

versioned_docs/version-2.9/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/jwt-authentication.md

@@ -0,0 +1,17 @@
+---
+title: JSON Web Token (JWT) Authentication
+---
+<head> 
+  <link rel="canonical" href="https://ranchermanager.docs.rancher.com/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/jwt-authentication"/>
+</head>
+
+Many 3rd party integrations available for Kubernetes, such as GitLab and HashiCorp Vault, involve giving an external process access to the Kubernetes API using a native Kubernetes Service Account token for authentication.
+
+In Rancher v2.9.0 and later, service accounts on downstream clusters can now authenticate through a JSON web token (JWT) using the Rancher authentication proxy. In Rancher versions earlier than  v2.9.0, only Rancher-issued tokens were supported.
+
+To enable this feature, follow these steps:
+
+1. In the upper left corner, click **☰ > Cluster Management**.
+1. Click **Advanced** to open the dropdown menu.
+1. Select **JWT Authentication**.
+1. Click the checkbox for the cluster you want to enable JWT authentication for, and click **Enable**. Alternatively, you can click **⋮** > **Enable**.