Kong Gateway with custom JWT Auth server


We have our own authentication service, which generates the JWT token for the user, and we want to pass this token via Kong API Gateway to validate and secure the downstream services and route the user request.

The JWT plugin from Kong seems to do something similar, but what we need is this: if the JWT token is missing or invalid, the user needs to be redirected to our custom auth server login page, and after successful authentication the user needs to be redirected back to the originally requested URL. We started writing a custom plugin using Python, but with that, after successful authentication we see that the token is generated and stored in a browser cookie of the auth server page, but it is removed at the time the user is redirected back to Kong. Is there a session we need to maintain somewhere, or do we need to set the cookie explicitly in Kong somewhere? Or are we missing something in our custom plugin?

Any hint would be highly appreciated.
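
The gateway-side decision described in the question (proxy when the JWT is valid, otherwise redirect to the login page carrying the original URL), as an added example that is not part of the original post and is not Kong's plugin API. It is plain Python; the HS256 shared secret, the `jwt` cookie name, the `redirect` query parameter and both hostnames are assumptions made for illustration.

```python
import base64, hashlib, hmac, json, time
from urllib.parse import quote, urlsplit

SECRET = b"constructed-demo-secret"           # assumption: HS256 key shared with the auth service
LOGIN_URL = "https://auth.example.com/login"  # hypothetical auth server login page
GATEWAY_HOST = "api.example.com"              # hypothetical host the gateway is served on

def _b64d(part):
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def _b64e(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def _mac(head, body):
    return hmac.new(SECRET, f"{head}.{body}".encode(), hashlib.sha256).digest()

def sign(claims):
    """Issue a token the way the auth service would (used here to build sample input)."""
    head = _b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64e(json.dumps(claims).encode())
    return f"{head}.{body}.{_b64e(_mac(head, body))}"

def verify(token, now=None):
    """Return the claims if the signature is valid and exp is in the future, else None."""
    try:
        head, body, sig = token.split(".")
        if json.loads(_b64d(head)).get("alg") != "HS256":  # pin the algorithm
            return None
        if not hmac.compare_digest(_mac(head, body), _b64d(sig)):
            return None
        claims = json.loads(_b64d(body))
        now = time.time() if now is None else now
        return claims if claims["exp"] > now else None
    except (ValueError, AttributeError, TypeError, KeyError):
        return None  # malformed token, wrong types or missing exp

def safe_return_url(url):
    """Only allow a post-login return to the gateway's own host (no open redirect)."""
    parts = urlsplit(url)
    ok = parts.scheme == "https" and parts.hostname == GATEWAY_HOST
    return url if ok else f"https://{GATEWAY_HOST}/"

def access(cookies, requested_url):
    """Return (200, claims) to proxy upstream, or (302, Location) to send the user to login."""
    claims = verify(cookies.get("jwt", ""))
    if claims:
        return 200, claims
    target = quote(safe_return_url(requested_url), safe="")
    return 302, f"{LOGIN_URL}?redirect={target}"
```

The auth service should apply the same return-URL check before it redirects the user back.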


If you’re using Gateway Enterprise, I suggest looking at the OIDC plugin.