Hi,
I am working on customizing the dev portal for our own internal stats on top of the provide Kong values and am having some difficulty understanding the role of Konnect Dev Portal Identity.
After reviewing our self hosted dev portal, I found that the KongAuthApi seems to be handing the auth portion on our behalf and furnishes a cookie by the name of “konnect_portal_session”. With this, I cannot seem to find any trace of our own auth provider and a means to reach it within our current configuration. Note, we are also using key-auth.
If you review the stats calls used to furnish things like 4xx and the like, there is a portal access token that is a JWT issued by global.api.konghq for the audience of kauth.konghq.com. Has anyone used this for validation given an outside service?
Another high level question: when using konnect with a self hosted dev portal and independent auth, how does the auth flow work? Is it managed by kong and kong then furnishes their token to the portal?
A bunch of questions there so thanks in advance for any direction!