nokia / kong-oidc

OIDC plugin for Kong
Apache License 2.0

Sample Configuration for OAuth 2.0 JWT Token Validation #100

Open flowdopip opened 5 years ago

flowdopip commented 5 years ago

Is this plugin able to validate the JWT Token with Client_credentials and authorization_code?

Any sample?

Trojan295 commented 5 years ago

It is able to validate JWT tokens in the context of OIDC. On the repository page you have the necessary information on how to enable the plugin in Kong and which parameters are needed.

Basically you need to have an OpenID Provider (it can be a public provider like Google or Facebook, or a self-hosted one like Gluu or Keycloak). You need to register a client there for Kong and then use the client id and secret in your plugin configuration. You also need to provide the Discovery Document URL in the plugin config. Now Kong will use the Authorization Code flow to authenticate the incoming requests.
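
The setup described in the comment above, written as a Kong declarative configuration. This is an added example, not taken from the thread or from the project's own documentation. The service and route names, the upstream URL, the provider hostname, the client id and the secret are constructed placeholders, and it assumes Kong is loaded from a declarative file with the plugin installed under the name `oidc`.

```yaml
# Added example: all names, hosts and credentials below are placeholders.
_format_version: "1.1"

services:
  - name: example-api                      # hypothetical upstream service
    url: http://upstream.internal.example:8080
    routes:
      - name: example-route
        paths:
          - /api
    plugins:
      - name: oidc
        config:
          # Client registered for Kong at the OpenID Provider
          client_id: kong
          # Load the real secret from your secret store; do not commit it
          client_secret: REPLACE_WITH_CLIENT_SECRET
          # Discovery Document URL of the OpenID Provider (use HTTPS)
          discovery: https://op.example.com/.well-known/openid-configuration
```

The redirect URI registered for the client at the provider has to match the path Kong exposes for the protected route, otherwise the Authorization Code flow fails at the provider.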