Imagine you’re the publisher of Meme Game, an online game in which players compete with their friends to craft the funniest meme. You need to protect the APIs that compose the game so that only your browser-based client or mobile game client can access them and no other clients can.

To do this, you'll configure applications and access control rules in PingOne and an authorization plugin for Kong Gateway. The plugin works with PingOne to handle the complexities of the OAuth and OpenID Connect (OIDC) protocols, making it easier for you to manage API access control across these systems.

What you'll learn

You'll learn how to:

  • Configure the authorization plugin for Kong Gateway to connect the gateway to PingOne
  • Create applications and managed API services in PingOne
  • Configure which applications are authorized to connect to managed API services
  • Demonstrate that only authorized clients are able to access the Meme Game APIs

What you'll do

Follow these steps to complete the tutorial: