Hi,
We’ve started to use the Kong OAuth 2.0 plugin to manage our tokens and OAuth workflows; however, there is one feature that we require but that is missing from the admin API.
I believe token revocation is an important security measure when you need to lock somebody out of your system for good. We pass the authenticated_userid to Kong during token creation in order to record the user identity, and we would like to be able to delete all the tokens attached to a single authenticated_userid.
Then I tried to follow the instructions here, but I have some questions:
- Since the DAO methods are generated, is it possible to select/delete multiple records? AFAIK, the select_by or delete_by can’t do that, as the authenticated_userid is not unique;
- If the provided DAO helpers can’t help me, then how do you suggest we extend the admin API to support this feature?
Thanks in advance!