Sunday 28 January 2018

Implementing OAuth 2.0 with Kong API Gateway

In this tutorial we are going to implement OAuth 2.0 authentication with the help of the Kong API gateway.

Step 1 - Configuration:

To configure the plugin, add it on top of an API by executing the following request on your Kong server:
Note: the parameter <api> is the id of the API that this plugin will target for authentication.

Step 2 - Creating a client:
The next step is to create a client (a Kong consumer) to which the OAuth 2.0 credentials will be attached.
Step 3 - Creating a consumer application:
Now you can create new OAuth 2.0 credentials (also called "OAuth applications") for that consumer by making the following HTTP request:

-- This completes the configuration part --
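The three configuration steps above as one script, added here as an example; it is not the post's own code (the post's requests are in its screenshots) and it is not Kong's code. It assumes Kong's Admin API at http://localhost:8001, an API already registered as `my-api` (the Kong 0.x `/apis` endpoints this 2018 post uses), a consumer named `alice`, an OAuth application named `my-web-app` and a constructed redirect URI at app.example.com. The `json_field` helper is a small sed-based extractor so the script has no dependency on jq. The Admin API is only called when `RUN_KONG_SETUP=1` is set, so the script can be read and checked without a running gateway.

```shell
#!/bin/sh
# Added example, not from the original post: Kong Admin API calls for
# Steps 1-3. Assumed values: Admin API at http://localhost:8001, an API
# already registered as "my-api" (Kong 0.x "/apis" endpoints, as used in 2018),
# consumer "alice", an OAuth application "my-web-app" and a constructed
# redirect URI at app.example.com.
KONG_ADMIN="${KONG_ADMIN:-http://localhost:8001}"
API_NAME="${API_NAME:-my-api}"
CONSUMER="${CONSUMER:-alice}"

# Pull one string field out of a flat JSON response with POSIX sed (no jq).
# Usage: json_field <field> <json>
json_field() {
  printf '%s' "$2" | sed -n "s/.*\"$1\" *: *\"\([^\"]*\)\".*/\1/p" | head -n 1
}

# Step 1: enable the oauth2 plugin on the API. mandatory_scope forces every
# token request to name a scope; enable_authorization_code turns on the
# code flow used in Steps 4 and 5. Kong generates config.provision_key for
# us and returns it in the response.
enable_oauth2_plugin() {
  curl -sS -X POST "$KONG_ADMIN/apis/$API_NAME/plugins" \
    --data "name=oauth2" \
    --data "config.scopes=email,profile" \
    --data "config.mandatory_scope=true" \
    --data "config.enable_authorization_code=true"
}

# Step 2: the client is a Kong consumer; credentials are attached to it.
create_consumer() {
  curl -sS -X POST "$KONG_ADMIN/consumers" --data "username=$CONSUMER"
}

# Step 3: issue OAuth 2.0 credentials (an "OAuth application") to the consumer.
# Registering the redirect URI here lets Kong refuse authorization requests
# that try to send the code anywhere else.
create_oauth2_app() {
  curl -sS -X POST "$KONG_ADMIN/consumers/$CONSUMER/oauth2" \
    --data "name=my-web-app" \
    --data "redirect_uri=https://app.example.com/callback"
}

# Run all three steps and print the values the token flow needs later.
setup_all() {
  plugin_json=$(enable_oauth2_plugin)
  echo "provision_key (secret, keep for Step 4): $(json_field provision_key "$plugin_json")"
  create_consumer >/dev/null
  app_json=$(create_oauth2_app)
  echo "client_id:     $(json_field client_id "$app_json")"
  echo "client_secret: $(json_field client_secret "$app_json")"
}

# Only touch the Admin API when explicitly asked to.
if [ "${RUN_KONG_SETUP:-0}" = "1" ]; then
  setup_all
fi
```

Three values from these responses have to be stored somewhere safe: `provision_key` is what your login backend presents to Kong in Step 4, and `client_id` / `client_secret` are what the application presents in Step 5; the Admin API itself should never be reachable from the network the clients use. On Kong 1.x and later the plugin is attached to a Service or Route (`/services/<name>/plugins`) and the credential field is `redirect_uris`; the rest of the flow is unchanged.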

Step 4 - Authorizing requests with an OAuth token:
First we need to obtain an authorization code before generating the actual token. This code is issued to the client during the authorization step.

Add all the parameters as shown in the image above: authenticated_userid (a logged-in user), client_id (generated in the previous step), scope (the scopes for the API) and response_type set to code for code-based authorization.
This step gives you the authorization code, which you use to generate the actual access token in the next step.
Step 5 - Generating the access token from the authorization code:
To generate the access token, call the API shown in the image below:

Add the code we got previously in the <code> parameter.
In the response of this API we get the OAuth access token.
We have to send that access token in the Authorization header to call the API for which we added the OAuth 2.0 plugin.

The header will look like this:
Authorization: Bearer <access_token>
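Steps 4 and 5 end to end, added here as an example; it is not the post's own code and not Kong's. It assumes the Kong proxy terminates TLS at https://localhost:8443 with the protected API under /my-api, that listener's CA certificate in a file named kong-ca.crt, and the CLIENT_ID, CLIENT_SECRET and PROVISION_KEY values saved from the configuration steps exported in the environment; "alice" stands in for whichever user your own login page has already authenticated. The response-parsing helpers are exercised on constructed sample responses, and the gateway is only called when `RUN_OAUTH_FLOW=1` is set.

```shell
#!/bin/sh
# Added example, not from the original post: the Step 4 and Step 5 flow.
# Assumed values: Kong proxy with TLS at https://localhost:8443, the protected
# API reachable under /my-api, that listener's CA certificate in kong-ca.crt,
# and CLIENT_ID, CLIENT_SECRET and PROVISION_KEY exported from the values the
# configuration steps returned. "alice" stands for the user your own login
# page has already authenticated.
KONG_PROXY="${KONG_PROXY:-https://localhost:8443}"
API_PATH="${API_PATH:-/my-api}"
KONG_CA="${KONG_CA:-kong-ca.crt}"

# Pull one string field out of a flat JSON response with POSIX sed (no jq).
# Usage: json_field <field> <json>
json_field() {
  printf '%s' "$2" | sed -n "s/.*\"$1\" *: *\"\([^\"]*\)\".*/\1/p" | head -n 1
}

# The authorize endpoint answers {"redirect_uri":"https://.../callback?code=..."};
# this takes the code out of that URI's query string.
# Usage: code_from_redirect <redirect_uri>
code_from_redirect() {
  printf '%s' "$1" | sed -n 's/.*[?&]code=\([^&]*\).*/\1/p'
}

# Step 4: ask Kong for an authorization code on behalf of the logged-in user.
# provision_key proves the call comes from our own login backend, which is
# why this request is made server-side and never from a browser.
request_auth_code() {
  curl -sS --cacert "$KONG_CA" -X POST "$KONG_PROXY$API_PATH/oauth2/authorize" \
    --data "client_id=$CLIENT_ID" \
    --data "response_type=code" \
    --data "scope=email" \
    --data "provision_key=$PROVISION_KEY" \
    --data "authenticated_userid=alice"
}

# Step 5: exchange the one-time code plus the client secret for a token.
# Usage: request_access_token <code>
request_access_token() {
  curl -sS --cacert "$KONG_CA" -X POST "$KONG_PROXY$API_PATH/oauth2/token" \
    --data "grant_type=authorization_code" \
    --data "client_id=$CLIENT_ID" \
    --data "client_secret=$CLIENT_SECRET" \
    --data "code=$1"
}

# Build the header the protected API expects from a token response.
# Usage: bearer_header <token_json>
bearer_header() {
  printf 'Authorization: Bearer %s' "$(json_field access_token "$1")"
}

run_flow() {
  auth_json=$(request_auth_code)
  code=$(code_from_redirect "$(json_field redirect_uri "$auth_json")")
  [ -n "$code" ] || { echo "no code in authorize response: $auth_json" >&2; return 1; }
  token_json=$(request_access_token "$code")
  # The token response also carries refresh_token and expires_in (seconds).
  curl -sS --cacert "$KONG_CA" "$KONG_PROXY$API_PATH/" -H "$(bearer_header "$token_json")"
}

# Only hit the gateway when explicitly asked to.
if [ "${RUN_OAUTH_FLOW:-0}" = "1" ]; then
  run_flow
fi
```

Two things are worth checking when this does not work on a fresh install: Kong's oauth2 plugin refuses the authorize and token endpoints over plain HTTP (hence the https proxy port and the `--cacert` instead of disabling verification), and on any failure both endpoints reply with a JSON body whose `error` and `error_description` fields `json_field` can read just as it reads `access_token`.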

This completes our authentication flow using the Kong API gateway.
If you have any queries, please mention them in the comments section below.
Thanks.