Add docs for egress selector support in JWT authenticator

Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>

Author: aramase

content/en/docs/reference/access-authn-authz/authentication.md

@@ -411,6 +411,13 @@ jwt:
     - my-other-app
     # this is required to be set to "MatchAny" when multiple audiences are specified.
     audienceMatchPolicy: MatchAny
+    # egressSelectorType is an indicator of which egress selection should be used for sending all traffic related
+    # to this issuer (discovery, JWKS, distributed claims, etc).  If unspecified, no custom dialer is used.
+    # When specified, the valid choices are "controlplane" and "cluster".  These correspond to the associated
+    # values in the --egress-selector-config-file.
+    # - controlplane: for traffic intended to go to the control plane.
+    # - cluster: for traffic intended to go to the system being managed by Kubernetes.
+    egressSelectorType: <egress selector type>
   # rules applied to validate token claims to authenticate users.
   claimValidationRules:
     # Same as --oidc-required-claim key=value.
@@ -696,7 +703,6 @@ jwt:
 ###### Limitations
 
 1. Distributed claims do not work via [CEL](/docs/reference/using-api/cel/) expressions.
-1. Egress selector configuration is not supported for calls to `issuer.url` and `issuer.discoveryURL`.
 
 Kubernetes does not provide an OpenID Connect Identity Provider.
 You can use an existing public OpenID Connect Identity Provider or run your own Identity Provider

content/en/docs/reference/command-line-tools-reference/feature-gates/StructuredAuthenticationConfigurationEgressSelector.md

@@ -0,0 +1,13 @@
+---
+title: StructuredAuthenticationConfigurationEgressSelector
+content_type: feature_gate
+_build:
+  list: never
+  render: false
+
+stages:
+  - stage: beta 
+    defaultValue: true
+    fromVersion: "1.34"
+---
+Enables Egress Selector in Structured Authentication Configuration.