Ping Identity provides the
ping-auth Kong Gateway integration plugin,
which enables PingAuthorize to be
used for attribute-based access control and policy decisions.
Integration with Kong Gateway allows PingAuthorize to handle the complexities of attribute-based access
control and dynamic authorization, making it easier for you to control access to your
The following are important to consider when using the
ping-auth Kong Gateway integration plugin for PingAuthorize:
- Mutual TLS (mTLS)
- This plugin supports client certificate authentication using mTLS. However, this feature
requires using the
mtls-authplugin, only available in the enterprise edition of Kong, in conjunction with
ping-auth. For more information, see the Kong mTLS documentation. When configured,
mtls-authuses the mTLS process to retrieve the client certificate, which allows
ping-authto provide the certificate in the
client_certificatefield of the sideband requests.
- Because of an outstanding defect in Kong,
ping-authis unable to support the Transfer-Encoding header, regardless of the value.
- Logging limit
- Because of OpenResty's log level limit, log messages are limited to 2048 bytes by default, which is less than the size of many requests and responses. For more information, see the OpenResty reference documentation.