We have been evaluating Kong for fronting our APIs and so far its been great.
Need some pointers on making Kong work with Keycloak. The authentication with a JWT is working fine.
Keycloak sends a ream_access attribute which is based on a LDAP group membership. For example;
Is there a way for Kong to read these attributes from the JWT token and allow/deny access to an API?