Customize JWT plugin

Hi All,

What would be the best approach in case we need to add custom features to the existing OOTB JWT plugin? Using a single JWT plugin, I need to make use of OOTB JWT authentication as well as some custom logic.


Same as you, I’m trying to find out how to forward an incoming request to our authentication service (inside KONG_DNS_RESOLVER, of course): if it returns 200, then forward to the service, otherwise return an error code to the client.

Seems like I have to embed the custom functionality in another custom plugin, so that means Kong will first call the OOTB JWT plugin and will then execute my custom plugin.
Ideally I wanted to achieve it through a single plugin by customizing the OOTB JWT plugin, but it seems it's not a simple task to do.

Any thoughts, community members?

For your requirement, I would suggest you use JWT for OOTB authentication if needed, and you can write a custom plugin to achieve your custom functionality, i.e. your custom plugin will make a GET request to your authentication service.

For reference, in case you have not already, see this plugin -


I will use the simple solution that the link describes:

  1. Use an endpoint to login and retrieve JWT.
  2. Use the JWT plugin to just verify this token; the back-end service then also uses the token to get the user_id for its authorization logic, like function authorization, data authorization …

Otherwise, the Kong middleman plugin is a nice solution if I do not have any authorization logic in the back-end service. No user data is needed. Or there is complex logic when authenticating that JWT cannot provide.

Thanks for this,
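
The two-plugin arrangement discussed in this thread (bundled JWT plugin first, then a custom plugin that makes a GET request to an authentication service) could look like the handler below. This is an added example, not code from any poster or from the middleman plugin: the plugin name `auth-forward`, the config fields `auth_url` and `timeout_ms`, and the priority value are assumptions, and it only handles tokens sent in the `Authorization` header.

```lua
-- handler.lua for a hypothetical plugin "auth-forward" (added example).
-- Assumes schema.lua defines conf.auth_url and conf.timeout_ms, and that the
-- bundled JWT plugin is enabled on the same route, so the token signature has
-- already been verified before this handler runs.
local http = require "resty.http"

local AuthForward = {
  VERSION = "0.1.0",
  -- Assumption: a value below the bundled jwt plugin's priority, so that in
  -- the access phase jwt runs first and this plugin runs second.
  PRIORITY = 900,
}

function AuthForward:access(conf)
  local authorization = kong.request.get_header("authorization")
  if not authorization then
    return kong.response.exit(401, { message = "Unauthorized" })
  end

  local httpc = http.new()
  httpc:set_timeout(conf.timeout_ms)

  -- GET to the authentication service, passing the caller's token along.
  local res, err = httpc:request_uri(conf.auth_url, {
    method = "GET",
    headers = { ["Authorization"] = authorization },
  })

  -- Fail closed: an unreachable authentication service must not open the route.
  if not res then
    kong.log.err("authentication service unreachable: ", err)
    return kong.response.exit(503, { message = "Authentication service unavailable" })
  end

  if res.status ~= 200 then
    -- Pass 4xx decisions through; anything else is reported as a gateway error.
    -- The service's response body is withheld so internals are not exposed.
    local status = (res.status >= 400 and res.status < 500) and res.status or 502
    return kong.response.exit(status, { message = "Access denied" })
  end
  -- 200: fall through, and Kong proxies the request to the upstream service.
end

return AuthForward
```

Each proxied request now costs an extra round trip to the authentication service, so the timeout should be kept short.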