Consumer association with a JWT not working as expected

Sunil_Padmanabhan · February 22, 2018, 7:08pm

Any valid JWT token created works for ALL/ANY consumers, not getting filtered by the respective consumer for which the JWT was created. is this by design or a bug?

I’m using ACL to restrict consumers to specific groups and JWT created for a specific consumer, but kong allowed me to use a valid JWT created with the secret and key generated for a different consumer.

hisham · February 26, 2018, 8:47pm

Do you have more details on how you configured your setup? (That is, what were the requests to create the various entities and how you configured them – feel free to redact any sensitive info)

Topic		Replies	Views
JWT Auth - Every user is a consumer - how? Questions	1	613	February 22, 2023
JWT token not issued by Kong - how to map to consumer Questions	2	1118	August 11, 2019
JWT plugin and consumers Questions	3	997	February 9, 2018
Consumers (External Datastore) Questions	0	321	March 20, 2020
Rate Limiting for consumers validated by API-KEY and JWT Questions	0	209	July 31, 2023

Consumer association with a JWT not working as expected

Related Topics