I want to make the Kong a proxy for authentication and authorization (federation).
If possible using JWT, but how to use ACL, how to identify the user logged, get a JWT, and authorize the user by route?
I need to use the basic auth + jwt plugins?
Only JWT plugin can Identify the user logged?
As far as I understood, the JWT plugin only uses a key/secret that is universal for all clients.
How to identify and authorize the logged user?