Proper architecture for user management using Kong and it's authentication plugins

What is the good way for creating user management service using Kong.

My naive approach to create user identity service( i.e store user information to database) and then create consumer against that user. Then when user want to login i check username and password and if it is true then fetch consumer info for that user and generate token against it.
( I am using Oauth2 plugin).

1 Like

You are on the right track! The Consumer entity is indeed designed to model users, who are the consumers of APIs proxied by Kong.