nokia / kong-oidc

OIDC plugin for Kong
Apache License 2.0

How can I use the token introspection feature? #158

Closed canattofilipe closed 4 years ago

canattofilipe commented 4 years ago

Hello guys,

I have seen some related questions about token introspection, but none solve my problem. My infra configuration uses Kong + OIDC plugin + KeyCloak. When the client is a browser everything works fine, but I would like to access protected resources behind Kong using API tools such as Postman and curl. When I try using a token in the request header, Kong returns an HTML page asking me to log in.

My OIDC plugin config:

{
    "created_at": 1586875821,
    "config": {
        "response_type": "code",
        "introspection_endpoint": "http://192.168.15.13:8180/auth/realms/master/protocol/openid-connect/token/introspect",
        "filters": null,
        "bearer_only": "no",
        "ssl_verify": "no",
        "session_secret": null,
        "introspection_endpoint_auth_method": "client_secret_basic",
        "realm": "kong",
        "redirect_after_logout_uri": "/",
        "scope": "openid",
        "token_endpoint_auth_method": "client_secret_post",
        "logout_path": "/logout",
        "client_id": "kong",
        "client_secret": "3c6def8b-66e2-4e0d-87cf-5e54a46dbbef",
        "discovery": "http://192.168.15.13:8180/auth/realms/master/.well-known/openid-configuration",
        "recovery_page_path": null,
        "redirect_uri_path": null
    },
    "id": "fd5a4972-797e-4022-80a5-a2a2476753d5",
    "service": null,
    "enabled": true,
    "protocols": [
        "grpc",
        "grpcs",
        "http",
        "https"
    ],
    "name": "oidc",
    "consumer": null,
    "route": null,
    "tags": null
}

BaloMueller commented 4 years ago

https://github.com/nokia/kong-oidc/issues/153#issuecomment-614012557

canattofilipe commented 4 years ago

Thanks @BaloMueller, I was doing as you said, but one detail caused a malfunction. I was able to fix it with this hint.