Validation of header before passing to upstream

Hi Everyone,

We are currently using OIDC plugin and as per our requirement we need to add another step of authentication.
In order to satisfy this requirement we have added another header which is named as API key which will be sent by the client by encrypting using their PKI private key and in our kong gateway after OIDC authorization is passed we will decrpt the API key using the client public key. We are currently deployed in AWS.
Could you please provide some suggestion on how this can be achieved.

Thanks in advance for the support.


© 2019 Kong Inc.    Terms  •  Privacy  •  FAQ