Open devgodman opened 3 years ago
Hi, did you manage to solve? I have the same problem
Hey, sure you can. The client need to store the session cookie returned by Kong and send it on each request. Then, depending on your session storage the plugin will get the JWT and attach it into the authorization header for the backend service.
You have a functional example using Kong + OpenID + Keycloak here.
Is it feasible to allow web app invoking API protected by kong-oidc to login from IdP and get resources provided by backend?