Hi Folks,
First question from a a first time user of Kong. Setup:
Kong deployed using Helm running as Ingress Controller in Kubernetes
JWT KongPlugin resource used to validate Okta Authorisation code per namespace
KongConsumer deployed per namespace
KongCredential deployed per namespace mapped to KongConsumer and configured to use RS256, Key and RSA Public Key supplied.
Problem
OKTA authentication is successful
JWT validation fails as “Invalid Signature”
I have tried using HS256 as the algorithm without success.
I have also tried using Kubernetes Secret instead of KongCredential which is deprecated.
As I am using community version JWKS is not an option, no supported Plugin but then I have the correct Public Key configured.
I’m in a similar situation I think. How did you set the algorithm of the credential to RS256 when creating the kubernetes secret? I’m trying to use this as KongCredential is deprecated.
Are you setting the plugin, consumer, etc through the declarative config file or through yaml manifests? Could you share your config?