Setting up your environment
To help you get started with API Access Management, we provide a Docker Compose project with everything you need.
About this task
The Docker Compose project includes Kong Gateway, a PostgreSQL database for gateway configuration, and the Ping Identity authorization plugin for Kong. The plugin is already installed.
Kong is configured to proxy REST API requests to the Meme Game API. This simple API is flexible enough to demonstrate several authorization use cases.
|
You’ll bring up this project and use cURL to make sure everything is working.
This project exposes Kong Manager and the Kong Admin API without any admin authentication. Be careful if you’re running this project on a |
Steps
-
Clone the PingOne Authorize API Access Management Tutorials GitHub project.
For example, clone the supporting files into a new
pingoneauthorize-api-tutorials
directory using HTTPS:git clone https://github.com/pingidentity/pingoneauthorize-api-tutorials.git && cd pingoneauthorize-api-tutorials
This project requires three ports:
-
KONG_ENGINE_HTTPS_PORT
: The runtime port for proxying REST API requests. By default, this is 8443. -
KONG_ADMIN_GUI_PORT
: The port for the Kong Manager UI. By default, this is 8002. -
KONG_ADMIN_API_PORT
: The port for the Kong Admin API. By default, this is 8001.
If you need to use different ports, customize the ports for your environment in the
env-template.txt
file as follows. Skip the next step if you’re okay with the defaults. -
-
Optional: Copy
env-template.txt
to.env
and edit the file:cp env-template.txt .env vi .env
When you finish editing the file, press Esc, and then exit the editor:
:wq
-
If Docker Desktop is not running yet, start it.
-
Bring up the project:
docker-compose up -d --build
Result:
This creates the database and configures Kong.
-
To access Kong Manager, go to: http://localhost:8002.
If you’re not running on
localhost
, use yourdocker-machine
name in the URL instead oflocalhost
.Result:
You can see your default workspace in Kong.
-
Make sure Kong Gateway can connect to the Meme Game API:
curl -i --insecure --oauth2-bearer '{"sub":"user.0"}' https://localhost:8443/meme-game/api/v1/users/user.0/answers
The connection might take a minute to come up. If the connection works, you’ll see
HTTP/1.1 200 OK
and a JSON response. Not getting the right results? See Troubleshooting Kong Gateway integration with PingOne Authorize.When you’re finished with the tutorials and no longer need this environment, you can stop Kong and delete the PostgreSQL database. Don’t do this yet!
docker-compose down -v
Next steps
Your tutorial environment is set up and you’re ready to add applications in PingOne. The first application you’ll add is a banking application that doesn’t have access to the Meme Game API.