Azure AD authentication to application behind Kong on Kubernetes

mloskot · April 6, 2023, 12:19pm

Here is the scenario

Kubernetes cluster
Kong proxy and ingress controller with TLS certificate deployed for HTTPS termination
.NET ASP web application with authentication based on Azure AD
.NET ASP app runs on Kestrel and listens on HTTP
no Kong authentication plugins used

Are there any additional configuration requirements to be applied on Kong proxy in order to make the Azure AD authentication work?

I imagined it should be a common scenario to use Azure AD authentication behind NGINX(-based) proxy, but I’m hitting some walls and despite redirect URLs being generated correctly, I’m observing Kong blocking the traffic at some point with Bad Request.

I found this guide which suggests there is some configurationrequired, but I have no idea how this could be applied to Kong on Kubernetes:

Topic		Replies	Views
Kong ingress controller render static applications Kubernetes	8	1554	November 14, 2019
Oauth2 proxy - Reverse proxy to provide authentication with OIDC Questions	1	1284	October 12, 2021
Password Protect Admin API on Kubernetes Questions	2	412	June 26, 2020
Feature request: support azure application gateway Kubernetes	2	2054	February 22, 2019
Kong proxy elb ssl terminate oath2 plugin Kubernetes	1	957	July 26, 2019

Azure AD authentication to application behind Kong on Kubernetes

Related Topics