Integrating Kong and Azure Active Directory

#1

Have you tried integrate Kong with Azure Active Directory Authentication in kong?

What about it?

I’ve found this documentation … but I am not sure if LDAP can to be applied with Azure Active Directory.

At this moment I am looking for it, but I think that LDAP does not apply to Azure Active Directory … doesn’t it?

I think, that to use kong to control access via multi-factor authentication to resources or automate user provisioning between a Windows Server AD and our cloud apps or add SSO (allowing it to work with a user’s pre-existing credentials) maybe could I to use kong-openID auth plugin or Kong OAuth 2.0 Introspection plugin in order to use Azure Active Directory like a third party Authorization Server?

My intention is how to protect the Swagger API backend using kong and Azure, and in this way
I’ve read somethings like this, but I don’t find any relation of AAD itself with kong or some external API different to API Management instance service that they offer to their users

Could to be I wrong in my considerations here?

Is possible really work with kong authentication and authorization process and third party Auth servers like Azure Active Directory in my case?.

In this line, Could to be Kong OAuth 2.0 Introspection plugin a good alternative to follow?

0 Likes

#2

I think that Kong OAuth 2.0 Introspection plugin (https://docs.konghq.com/hub/kong-inc/oauth2-introspection/) is more adequate in order to treat Azure Active Directory as a third party Authorization Server

Some people use istio (https://istio.io/ - other control traffic and authentication and auth service) to check Azure AD B2C oauth token … could we assume kong can do the same with Azure AD

0 Likes