Kong: Stormpath Plugin

I was just talking to Stormpath about Kong just the other day. It would be great to have stormpath plugin for authentication purposes. Sadly they had not heard of Kong so I don't think a plugin will be coming from them any time soon.

this would be nice!!!

If we see a lot of +1 here, we'll end up building it by ourself. We also have plans to integrate with Okta, Auth0, Centrify, etc.

I would for sure help with Development, as I am interested in using Kong eventually and I am already using Stormpath Enterprise as our IDaaS. +1.

+1 on a Stormpath plugin

+1 from me obviously ;-).

If I can help test this then let me know.

Sup everyone! I'm the head of evangelism @ Stormpath. I'm familiar with Kong, but haven't used it in a project yet. Seems like it'd be a fun weekend project. I'm not too familiar with lua either, but we have a lot of internal interest in this.

Few questions for ya'll:

• What features are most important to you for an integration here? HTTP Basic Auth? OAuth2? Username / password auth? Sessions?
• Is anyone using Kong for multi-tenancy routing currently via subdomains?

That'll help me sorta narrow down what we have to do ^^

Thanks Randall for responding directly to my support message about this!

I would love to use this instead of implementing stormpath on the microservices behind Kong.
Currently I have to implement stormpath SDKs in each microservice. Would make things much easier if you could just rely on authentication by stormpath at Kong level.

It could maybe pass through in the headers to the backend services information on the logged in user or the ID to do a lookup.

If you could have effectively the same functionality as say the node.js library for routing such as limiting routes by group (Admin, customer,etc). Login/Logout would be nice but really token based, basic auth and oauth integration would be good enough to get us started!

Thanks!

Would like to see Kong integrate with latest Stormpath JAVA SDK 1.0.RC8.3, as this satisfies my Companies requirement of having Form Login and Token Based Authentication. Another +1.

Gotcha -- I think a good start would probably be authenticating a user based on either Basic Auth (in the Authorization header), or OAuth2 in the Authorization header -- along with some group checks.

I think that's probably the simplest thing to start with. I'm still taking a look at this ^^

Is there any plan to implement this plugin @rdegges ? Any timeframe ?

@robbydooo we'd love to build this, but it isn't a priority atm. We're currently working on improving some of our core language libraries, but will definitely get to this in the future (although I don't know what the timeframe looks like :()

I just came to realise that a Stormpath plugin for Kong is what I need.
I'm looking to integrate the apiKeys of Stormpath with the apiKey auth plugin of Kong.
That would be a good start.
For now I'm registering the Stormpath apiKey into kong at account creation.
The only thing that's blocking me is the fact that if I disable/delete the apiKey in Stormpath, it still lives on Kong so it's not a good way to do it. If you guys have advices ?

Hmm, you'd most likely have to write some sort of script to pragmatically remove those Stormpath keys from Kong when you delete the account. I can't think of a better way to do it offhand.

Oh, also! Wanted to mention -- Stormpath now has an official ideas board. The more votes we get, the more we prioritize things. Here's the Kong integration thing if any of you want to vote / comment: http://ideas.stormpath.com/ideas/IAM-I-70

realize it's been over year since this....what's the current state of integration between Stormpath (now Okta) and Kong?

@tafs7 any chance OpenID Connect answers any of your questions?
https://github.com/Mashape/kong/issues/522#issuecomment-309877175

@bungle Thanks for the info, I'll check that out, but odds are that it probably does what we need.

I think we should close this issue since Stormpath is shutting down: https://stormpath.com/blog/stormpaths-new-path

Storm path has joined Okta.