Hello,
TL;DR: can there be jwt_secrets
field on root level of declarative config file?
I am quite new to Kong. Taking over another application that uses dbless declarative config, I saw there is jwt_secrets
field on root level, next to services
, consumers
, plugins
. And Kong happily started with this config, no complains. Actually this app runs in real environment with this config, but I am not capable of validating jwt stuff actually being used.
When I decided to add schema validation to build pipeline, I discovered that in schema jwt_secrets
is declared as field of consumers
entry, FConsumer
type, and this is also reflected in Go code.
And ofc validator with this schema gives me an error of fail: (root): Additional property jwt_secrets is not allowed
.
But a) thing is assumed to work in real env b) I have seen similar configs on forums, e.g. here
Is jwt_secrets
root field valid, or what is the difference between having it on root level and under consumer
entity? http_log
and prometheus
plugins are involved, if that matters.