One way of achieving this would be to setup a service:
host = auth.mydomain.id
path = "/authenticate"
and attaching a route to that configured as follows:
path = "/auth"
strip_path = "true"
Requests that come through to kong.mydomain.id/auth/* would be forwarded to auth.mydomain.id/authenticate/*. You could limit to only /auth/login in the same manner if you only want that particular endpoint handled.