Probing for OAuth2 consent given a Consumer-ID and user ID

Hi all!

I would like to know if there is some API endpoint (Admin API or not) where, given a Consumer-ID and an user ID, I get can the OAuth2 tokens issued.

In other words, I want to know if a given user (“authenticated_userid”, in Kong’s OAuth2’s plugin terms) has given consent to a Consumer. Then also, which scopes and whether that token is expired or not.

I’m using Kong’s OAuth2 plugin and the only thing I could find is that it is possible to get that information by doing a few requests to endpoints like /oauth2_tokens and /oauth2_credentials, but the solution is not viable at all (it won’t scale, it’s not straightforward to use).

I would expect this to be available through some Admin API endpoint(s), but I could not find anything beyond that. Am I missing something? Is that something planned for?

thanks in advance!

2 Likes

© 2019 Kong Inc.    Terms  •  Privacy  •  FAQ