PingOne

Setting up PingOne Authorize for Kong Gateway integration

To allow Kong Gateway to use PingOne Authorize as an external runtime authorization policy service, set up an API gateway in PingOne that represents Kong Gateway.

Before you begin

Add PingOne Authorize to your PingOne environment. Learn more in Getting started with PingOne Authorize.

About this task

Prepare PingOne Authorize to authenticate authorization requests from Kong Gateway.

Steps

  1. In the PingOne admin console, go to Authorization > API Gateways.

  2. Copy the Service URL and save it somewhere convenient for later use.

  3. To add a gateway, click the icon next to API Gateways.

  4. Enter a name for the gateway, such as Kong. Click Save.

    Screen capture of the Add an API Gateway window in PingOne Authorize.
  5. Click the icon next to Credentials, copy the credential, and save it for later use.

    The gateway credential is the shared secret that authenticates the ping-auth plugin to PingOne Authorize. Version 1.2 of the plugin supports referenceable secrets. For security reasons, store the gateway credential in a vault supported by Kong. Learn more in Secrets Management and Environment Variables Vault in the Kong documentation.

    Screen capture of the API Gateway credential window in PingOne Authorize.
  6. Click Done.