The Ping Auth plugin for Kong API Gateway integrates with Ping Identity’s PingAuthorize to provide attribute-based access control and policy decisions. This plugin allows Kong to utilize Ping products for dynamic authorization, making it easier to control access to your API resources1.
Key Features:
- Attribute-Based Access Control (ABAC): Allows fine-grained access control based on user attributes and policies.
- Dynamic Authorization: Policies can be updated in real-time without redeploying the API gateway.
- Mutual TLS (mTLS): Supports client certificate authentication using mTLS.
- Sideband API Protocol: Communicates with Ping services to retrieve authorization decisions.
Installation:
- Download the Plugin: Get the ping-auth plugin from Luarocks.
- Install the Plugin: Use LuaRocks to install the plugin:
luarocks install kong-plugin-ping-auth
- Configure Kong: Add the plugin to your Kong configuration:
plugins = bundled,ping-auth
- Apply the Plugin: Enable and configure the plugin via Kong’s admin UI or API.
Example Configuration:
plugins:
– name: ping-auth
config:
service_url: “https://your-ping-service/policy”
This setup allows Kong to communicate with Ping services to handle authorization decisions.
Would you like more details on configuring this plugin or any other specific information?
Infra Cloud Solutions 