Hi
Is it possible in Kong we define the endpoint and secure the endpoint with some kind of rules, for instances /api/users/create hasRole(‘Admin’) and hasAuthority(‘write’). And that particular rule is extract from JWT Token ?
Thanks,
Nizar
Hey Nizar,
You may be able to do some / most of what you want with some logic built around the JWT plugin: JWT - Plugin | Kong Docs (OSS). If you are on Kong Enterprise, the OIDC plugin is more full-featured and probably can do all of what you need based on specific groups / claims etc: OpenID Connect - Plugin | Kong Docs.