Authentication plugin that connects to custom auth-service

Is there a plugin that connects to my custom auth-service to authenticate clients and an oauth provider to generate an access token for every authenticated client.

Plugin should also save the access token and auth-service response in its cache.

Detailed use case here :

When the client tries to authenticate by presenting the client Id and secret(Basic Auth) in the auth request, I want to route the request to custom authentication service. We have the client information saved in our database and is segregated to different realms(user groups). Implemented an auth-service that validates the client credentials based on the realm and generates a JWT response. JWT has sensitive information so cannot be shared with the client. This auth-service has multiple versions, so we need to route the request to different auth-service endpoints based on the realm(sent in the query parameter) and a custom header. And also We do not want to migrate the client data to any auth provider.

Once the auth-service returns a JWT response, Kong should be able to generate an oauth token and save the associated JWT in cache. This OAuth token will be shared with the client. When client presents this token in the Authorization header, API Gateway should be able to validate the token and get the JWT that was saved before and inject into to the backend request.

Does Kong support any plugin for this set up? Can you please share the related github links for custom plugins.


We have kinda the same requirement in our setup.

I do have same requirement to authenticate with the custom authentication service. As of now, I don’t find any way to integrate.
Any possible solutions would be helpful

I’m also interested in any solutions to the a I’ve problem.

This is a pretty specific problem and you can certainly create a custom plugin to solve it. You can use existing Kong codebase for inspirations on how to write the code.

I’m not aware of a solution that exists for this.