PingOne

Setting up PingOne Authorize for Kong Konnect integration

To allow Kong Konnect to use PingOne Authorize as an external runtime authorization policy service, set up an API gateway in PingOne that represents Kong Konnect.

Before you begin

Add PingOne Authorize to your PingOne environment. Learn more in Getting started with PingOne Authorize.

About this task

Prepare PingOne Authorize to authenticate authorization requests from Kong Konnect.

Steps

  1. In PingOne, go to Authorization > API Gateways.

  2. Copy the Service URL value and save it for later use.

    You’ll use this value to configure the ping-auth plugin in Kong Konnect.

  3. To add a gateway, click the icon next to API Gateways.

  4. Enter a name for the gateway, such as Kong Konnect. Click Save.

  5. Click the icon next to Credentials, copy the credential, and save it for later use.

    The gateway credential is the shared secret that authenticates the ping-auth plugin to PingOne Authorize. Version 1.2.0 of the plugin supports referenceable secrets. For security reasons, store the gateway credential in a vault supported by Kong. Learn more in Secrets Management in Konnect and Environment Variables Vault in the Kong documentation.

  6. Click Done.