Setting up Kong Gateway using the API
Steps
-
Send the following in a
POSTrequest to https://<KONG_URL>/plugins:{ "name": "ping-auth", "enabled": true, "config": { "service_url": "https://<PingAuthorize Server hostname>:<HTTPS Connection Handler port>/", "shared_secret": "<shared secret>", "secret_header_name": "<shared secret header name>" } }See the following list for more information about the required fields for the previous API request:
service_url-
The full URL of the Ping policy provider. This should not contain
/sidebandin the path. shared_secret-
The shared secret value to authenticate this plugin to the policy provider.
secret_header_name-
The header name in which the shared secret is provided.
You can provide additional configuration in accordance with the Kong API specification. For more information, see the Kong documentation.
-
Optional: Configure the rest of the optional fields through the API.
Option API Field Name Description Config.Connection KeepAlive Ms
connection_keepAlive_msThe duration to keep the connection alive for reuse. The default is
60000.Config.Connection Timeout Ms
connection_timeout_msThe duration to wait before the connection times out. The default is
10000.Config.Enable Debug Logging
enable_debug_loggingControls if requests and responses are logged at the debug level. The default is
false. For log messages to show inerror.log, you must setlog_level = debuginkong.conf.Config.Verify Service Certificate
verify_service_certificateControls whether the service certificate is verified. This is intended for testing purposes and the default is
true.
Result
Kong Gateway is now configured to work with PingAuthorize.