Best way to implement this flow with KONG?

#1

Hello Community, I’m new to Kong, trying to find my ways.

Every incoming Request will contain a JWT token. Kong Will verify the token and the token will contain a KEY and on the basis of the key, Kong will check if the request can access so and so uris

How should I implement this using one or more plugins?

#2

These two in combination should help you succeed in your goals :slight_smile:

This plugin controls the whole pass me a JWT token to validate who the user is bit:

This plugin helps the authorization side of things after the user has been identified by jwt:

Hope that helps,
Jeremy