I am trying to integrate kong with keycloak. As of now our frontend application is using angular and users are created in keycloak and keycloak users will get bearer token from keycloak. I want to use same keycloak token in kong for authentication and authorization.
When I am trying to pass same jwt token in header, I am getting bad request response from kong. I am not able to see debug logs.
I just got this working very recently in my local Kong setup where I am testing. How are you passing JWT token in the header? It should be a Bearer type in the Authorization header, so it would look something like this…
Authorization: Bearer {sometoken}
This works great with the built-in JWT plugin to validate the signature and the token itself for authentication. I could not figure out a way to verify the claims from Keycloak using that plugin, however.