The Kong Gateway JWT plugin is an API gateway authentication strategy. The plugin serves as the JWT authorizer. It authenticates the JWT in the HTTP request by verifying that token’s claims and ensuring a trusted party signed it. Then, depending on whether these steps were successful, Kong Gateway routes the upstream service request.
- Create a kong.conf.default file in the root directory.
- Paste these lines into the file (this is because Kong is running in DB-less mode):

  database = off
  declarative_config = /path/to/kong.yml

- Run this command in the terminal:

  sudo cp kong.conf.default /etc/kong/kong.conf

- Set your username and secret code in the kong.yml file.

To start:

  sudo kong start

To restart:

  sudo kong restart

Send a GET request to the admin API's endpoint /consumers/CONSUMER-USERNAME/jwt. This gives info about this consumer's JWT credential.

Using these values, a JWT is generated.

Using this generated JWT as a bearer token, the JWT is validated.

Additional values are added to the upstream headers, as seen in the console.

Errors occur when the secret code and kid are wrong and the exp time is in the past.
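
The checks described above (credential lookup by kid, signature, exp), modelled as an added example that is not part of the original page and is not Kong's code. It assumes an HS256 credential with the key carried in the JWT header's kid field; `CREDENTIALS`, `make_jwt`, `check_jwt`, the demo key and secret, and the rejection labels are all constructed for illustration.

```python
import base64, hashlib, hmac, json

# Constructed sample credential (assumption): stands in for the key/secret
# pair configured for a consumer in kong.yml. Not values from the page.
CREDENTIALS = {"demo-key": b"demo-secret"}

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def make_jwt(kid: str, secret: bytes, exp: int) -> str:
    """Build an HS256 JWT with `kid` in the header and `exp` in the payload."""
    header = b64url(json.dumps({"alg": "HS256", "typ": "JWT", "kid": kid}).encode())
    payload = b64url(json.dumps({"exp": exp}).encode())
    sig = hmac.new(secret, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{b64url(sig)}"

def check_jwt(token: str, now: int) -> str:
    """Return "ok" or a rejection reason (labels are this example's own)."""
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        header = json.loads(b64url_decode(header_b64))
        payload = json.loads(b64url_decode(payload_b64))
        sig = b64url_decode(sig_b64)
    except (ValueError, TypeError):
        return "malformed"
    if not isinstance(header, dict) or not isinstance(payload, dict):
        return "malformed"
    # Pin the algorithm; never let the token choose how it is verified.
    if header.get("alg") != "HS256":
        return "unsupported alg"
    kid = header.get("kid")
    secret = CREDENTIALS.get(kid) if isinstance(kid, str) else None
    if secret is None:
        return "unknown kid"
    expected = hmac.new(secret, f"{header_b64}.{payload_b64}".encode(),
                        hashlib.sha256).digest()
    # Constant-time comparison avoids leaking how many bytes matched.
    if not hmac.compare_digest(sig, expected):
        return "bad signature"
    exp = payload.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        return "expired"
    return "ok"
```

Passing `now` explicitly keeps the expiry check deterministic; in real use it would be the current Unix time.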
rendered with ♥ by Sakshi Choudhary.