Kong: OAuth2 plugin: Token Introspection support

Created on 24 Aug 2016 · 5Comments · Source: Kong/kong

Token Introspection allows APIs to check the state of an OAuth2 token.

More info: https://tools.ietf.org/html/rfc7662

pluginoauth2 proposal

Source

vitorsdcs

👍1

Most helpful comment

@vitorsdcs you can also invoke the /oauth2_tokens endpoint on the Admin API to get a list of all the tokens on the system and their properties.

subnetmarco on 13 Sep 2016

👍2

All 5 comments

@vitorsdcs you can also invoke the /oauth2_tokens endpoint on the Admin API to get a list of all the tokens on the system and their properties.

subnetmarco on 13 Sep 2016

👍2

This was done! :) https://getkong.org/plugins/oauth2-introspection/

p0pr0ck5 on 21 Apr 2017

I assume this issue requested to implement the Introspection endpoint support as a new endpoint in the existing OAuth 2.0 plugin, as opposed to the linked OAuth 2.0 Introspection Endpoint plugin which leverages a third-party Introspection endpoint to authenticate requests.

If that's the case, it should be re-opened.

subnetmarco on 21 Apr 2017

Ah yep, I think that's the case. Faulty assumption on my part; thanks.

p0pr0ck5 on 21 Apr 2017

...so? How's this feature development going? :smiley:

NebojsaKrtolica on 14 Apr 2019

👍1

Was this page helpful?

0 / 5 - 0 ratings

Related issues

Request path matching may have undesired behaviour

kwahome · 3Comments

Maximum return of 100 records when GET /upstreams/ from Kong 0.11.X

z843248880 · 3Comments

OAuth2 plugin: not dealing with external IDP

ghost · 3Comments

Get {"message":"An unexpected error occurred"}

cospotato · 3Comments

failed to open plugin kong: plugin.Open("/tmp/go-plugins/kong"): plugin was built with a different version of package github.com/Kong/go-pdk/bridge

antoniott15 · 3Comments