I have to evaluate the possibility to substitute the existing api manager used in our platform with Kong Api Manager, so I must understand if and what are the gaps to be filled in the transition between one and the other, following my concerns:
- Is Kong multitenant ? Ideally in my environment all the apis have to be published under a single Tenant to be then subscribed to any oauth2 application of any tenant.
- Does Kong support saml bearer and JWT grant types to generate access token to invoke api ?
- Does Kong support integration with Active Directory to forward to BE as http headers custom set of user claims retrieved from user store when an API is invoked using user access token ?
- Does Kong support the possibility to customize the JWT generator described in the previous point in order to forward to BE not only user info retrieved from LDAP but also additional info related to the oAuth2 application for which the user access token has been generated (e.g. oauth2 application name / description) ?
- Does Kong support swagger 2.0 for online published api documentation?
- Does Kong support the possibility to generate a UUID transaction id when any API is invoked to be forwarded to final BE as http header ?
- Does Kong expose admin APIs to automatize the publishing process ? Does such APIs accept as input the swagger 2.0 document of the api ?
thanks in advance for the help