First question from a a first time user of Kong.
- Kong deployed using Helm running as Ingress Controller in Kubernetes
- JWT KongPlugin resource used to validate Okta Authorisation code per namespace
- KongConsumer deployed per namespace
- KongCredential deployed per namespace mapped to KongConsumer and configured to use RS256, Key and RSA Public Key supplied.
- OKTA authentication is successful
- JWT validation fails as “Invalid Signature”
I have tried using HS256 as the algorithm without success.
I have also tried using Kubernetes Secret instead of KongCredential which is deprecated.
As I am using community version JWKS is not an option, no supported Plugin but then I have the correct Public Key configured.
Help much appreciated.