Create consumer in real-time

[akira28]

I'm building a custom authentication plugin based on api keys, and I was wondering if there's a way to create consumers once I get an 'OK' from my internal authentication system. This would allow me avoiding syncing Kong db with my auth system.

One idea was to use the kong.db and create consumers manually, but there's no api for db on kong-js-pdk.
A possible solution would be to add a postgreSQL client like https://node-postgres.com/ to my plugin and do queries directly.

Is there a more elegant solution for this?

Thanks

[fffonion]

@akira28 I don't immeditately see a way to do it without touching DB directly (or admin API), and that could be ugly. However
i can see this usage being common, actually plugins like openid, oauth2 has the same requirement. But instead of actually create a consumer
you can use kong.client.authenticate(consumer, credential) to tell Kong the credential it mapped to. And plugins like rate-limit also honors
credential without the need to lookup consumer. But don't set consumer, since it's not a consumer mapped anyway.

[akira28]

ah, nice to know. But how can I create the 'credential' object? And can I call kong.client.authenticate(undefined, credential) (undefined consumer)?

[fffonion]

Yes you can. On Lua PDK I think credential is just an table of { id = "the credential value" }, it would work with
proper Js syntax, though i didn't try for myself.

[akira28]

by 'the credential value' you mean the 'api key'?

[fffonion]

credential in this context means an abitrary identitifer that your internal auth system returns, that can uniquely
identifier a user.

[akira28]

cool, perfect! This simplify things A LOT!
Thanks