OIDC Plugin unable to find Anonymous Consumer

Hi There,

Not sure if this is a bug or a feature request, but I’m running into some issues using consumers with the OIDC plugin. I can configure a consumer for the OIDC plugin instance as documented, and see the expected consumer behaviour. When attempting to assign a consumer to the request, I can see the the OIDC plugin try to use 3 different fields, it tries to compare the username, custom_id and id field to the claim. If any of these match, it uses that consumer and everything works as expected.

When none of the fields are matched, the logs show that the plugin attempts to find the user by the ID only, and never attempts the custom_id or the username. I would expect that if I create an anonymous consumer in the same way as any other consumer, the lookup process would work the same way (try to find by custom_id as well as username). When creating the consumer using a kubernetes template, we don’t have direct access to the actual id, so this makes using this consumer really difficult.

Additionally, when configuring the OIDC plugins “anonymous” field, if you don’t provide a UUID like the one kong creates, the plugin configuration errors with the message:

api_helpers.lua:260 Cannot serialise table: excessively sparse array

Would it be possible to have the OIDC plugin lookup the anonymous consumer by username or custom ID?


It’d need to be implemented as a new feature within the plugin. Since the OIDC plugin is part of the Enterprise feature set, can you put in a support ticket?

© 2019 Kong Inc.    Terms  •  Privacy  •  FAQ