Multiple Authentication - JWT & Basic Auth

#1

Hi,
I am using Kong 0.11.2
This my use case, I have 5 consumers, 3 having the ability to JWT and 2 can Basic Auth.
I would like all of them to use the same API, with the same Host and URL.

I added JWT and Basic Auth plugins to the same API.
Assuming these are my consumers,
Consumer 1 - Can JWT (81bde38d-fade-4e38-ae82-f4fd3370a1aa)
Consumer 2 - Can JWT (61bde38d-fade-4e38-ae82-f4fd3370a1aa)
Consumer 3 - Can JWT (41bde38d-fade-4e38-ae82-f4fd3370a1aa)
Consumer 4 - Can Basic Auth (31bde38d-fade-4e38-ae82-f4fd3370a1aa)
Consumer 5 - Can Basic Auth (11bde38d-fade-4e38-ae82-f4fd3370a1aa)

To the JWT plugin, in the anonymous section I added (31bde38d-fade-4e38-ae82-f4fd3370a1aa) - It does not accept multiple consumer ids.

To the Basic Auth plugin, in the anonymous section I added (81bde38d-fade-4e38-ae82-f4fd3370a1aa), again doesn’t accept multiple consumer ids.

I have also added a request termination plugin because I want none of the calls to be unauthenticated.

But when I call the APIs with the correct JWTs and Basic Auth it always returns 503,
{
“message”: “Service unavailable”
}

When I disable Request Termination, all calls succeed - even with invalid JWT and Basic Auth

I think I am not understanding the documentation right.
Can you please let me know if my use case can be satisfied by multiple authentication.
If so, help me correct my usage.

Appreciate your help!

Thanks,
Arun

0 Likes