PingAuthorize

Preparing PingAuthorize for Kong Gateway integration

For Kong Gateway to use PingAuthorize as an external authorization policy runtime service, you must prepare PingAuthorize to receive authorization requests from Kong Gateway.

Before you begin

Steps

  1. In the PingAuthorize admin console, go to Configuration > Web Services and Applications > HTTP Servlet Extensions.

  2. Click Sideband API.

  3. In the Request Context Method list, select State.

    Screen capture of the Sideband API HTTP Servlet Extension window with settings configured as previously specified for Kong Gateway

  4. In the Shared Secret Header Name field, enter CLIENT-TOKEN.

  5. To create a new shared secret, in the Shared Secret Header Name list, select New Sideband API Shared Secret.

    The shared secret authenticates the ping-auth plugin to PingAuthorize. Version 1.2.0 of the plugin supports referenceable secrets. For security reasons, store the shared secret in a vault supported by Kong. Learn more in Secrets Management and Environment Variables Vault in the Kong documentation.

  6. In the New Sideband API Shared Secret modal, create a suitably long shared secret value, and then click Save.

  7. Click Save.