PingAuthorize

Setting up Kong Gateway using the API

Steps

  1. Send the following in a POST request to https://<KONG_URL>/plugins:

    {
  "name": "ping-auth",
  "enabled": true,
  "config": {
    "service_url": "https://<PingAuthorize Server hostname>:<HTTPS Connection Handler port>/",
    "shared_secret": "<shared secret>",
    "secret_header_name": "<shared secret header name>"
  }
}

    See the following list for more information about the required fields for the previous API request:

    service_url

    The full URL of the Ping policy provider. This should not contain /sideband in the path.

    shared_secret

    The shared secret value to authenticate this plugin to the policy provider.

    secret_header_name

    The header name in which the shared secret is provided.

    You can provide additional configuration in accordance with the Kong API specification. For more information, see the .konghq.com/gateway/2.8.x/admin-api///[Kong documentation].

  2. Optional: Configure the rest of the optional fields through the API.

    Option API Field Name Description

    Config.Connection KeepAlive Ms

    connection_keepAlive_ms

    The duration to keep the connection alive for reuse. The default is 60000.

    Config.Connection Timeout Ms

    connection_timeout_ms

    The duration to wait before the connection times out. The default is 10000.

    Config.Enable Debug Logging

    enable_debug_logging

    Controls if requests and responses are logged at the debug level. The default is false. For log messages to show in error.log, you must set log_level = debug in kong.conf.

    Config.Verify Service Certificate

    verify_service_certificate

    Controls whether the service certificate is verified. This is intended for testing purposes and the default is true.

Result

Kong Gateway is now configured to work with PingAuthorize.