Help Required - Secondary HTTP authentication

#1

We want to use KONG as authentication server which gets username and password from client.
Kong should be taking this username and password do http basic authenticate against a backend server (a.b.c.d/url) (using different url) and issue valid JWT token to the client . Also it should be able to proxy the data posted by client to another Service(x.y.z.com) The client should be able to use the JWT token it in subsequent requests without reauthentication. Please advise if this is possible

We are currently using nginx ingress controller with annotations to authenticate against remote backend and success requests get proxied to actual server

#2

Since this is a custom scheme, you could write a custom plugin. Here’s an example that does something similar: https://github.com/Tieske/kong-plugin-jwt-fetcher

It’s not the same, but shows how it works.

hth
Thijs