Oauth Introspection Plugin - Kong Enterprise 0.34

#1

I need configure access to this api https://api.mercadolibre.com/sites/MLU/search?q=chromecast&access_token=XXXXXXXXXXXXXXXXX, via Kong ( Kong Enterprise Edition 0.34) this api make the oauth autentication via ML so I need configure Kong´s pluggin (oauth introspection)

Service was defined like:

host = api.mercadolibre.com
path = /sites/MLU/search
protocol = https

Then, I proceed to define route as follow:

protocol = http
host = viakong.com

Next step was define a consumer and then define a plugin for this consumer. For that I followed the steps on https://docs.konghq.com/hub/kong-inc/oauth2-introspection/ but when I tried to enable the plug-in on the service (the first step) the process failed

curl -X POST http://localhost:8001/services/1ae69fe3-fe51-4e6f-a4e3-d23134027fdd/plugins
–data “name=oauth2-introspection”
–data “config.introspection_url=https://auth.mercadolibre.com.ar/authorization?response_type=token&client_id=5268430758792267”
–data “config.authorization_value=TOKEN-VALUE”

The error

{“client_id”:“client_id is an unknown field”}

I think, maybe i need escape the client_id or pass it from another form perhaps…

Thanks in advance,
Regards
Maira

0 Likes

#2

Hello Maira,
As you suspected, client_id is passed in a wrong way as the ampersand gets mixed with the ampersands joining other parameters.

One way to pass it correctly is to escape the introspection_url. In that case, ‘&’ will be passed as %26 and it will work. You can try it even manually.

Btw, for support on Kong Enterprise you can always submit a ticket https://support.konghq.com/support/s/ . Thanks!

1 Like