I was reading up about API Gateways (Kong) and I wanted to integrate it into my application. Every tutorial I've seen creates consumers for the services using Kong API or through a dashboard like Konga. I already have a user registration/auth service. How can the API Gateway replace that ? How should the user registration be changed so that Kong knows about it ? And how would login work because In all the examples I've seen the ApiKeys or JWT secrets are created in Kong ? Can any body shed some light on how this works in practice ?
How does User Registration work while using an API Gateway
387 Views Asked by Rahul R At
1
There are 1 best solutions below
Related Questions in MICROSERVICES
- HTTP Requests from SSL Secured(HTTPS) Domain Failing
- Separation of Students and Users in NestJS Microservice architecture
- How to choose port number for various microservices? whatever port number I use is already used-blocked or I'm not able to use them
- Handling feign exception in Spring boot using RestControllerAdvice
- Javers in microservice architecture
- Kafka integration between two micro service which can respond back to the same function initiated the request
- HTTP 401 unauthorized ASP.NET Core Web API microservices
- Minikube tunnel - Ingress not working on windows
- importing class in microservice 1 from another microservice 2
- Eureka Discovery client is not register under API-GATEWAY\host.docker.internal
- Unable to PUT JSON using ADF Dataflow, the error is "the JSON value could not be converted to System.Collections.Generic.List"
- Using Django as API gateway & authorizations service in Microservice
- How to fix HTTPS on express-gateway
- Websocket duplicate on headers
- migrate from django migrations to fastapi alembic
Related Questions in API-GATEWAY
- Minimizing IdentityServer4 Round Trips in Microservice Architecture with Ocelot
- Using Django as API gateway & authorizations service in Microservice
- Using AWS API HTTP Gateway with HTTP Backend without 301 redirection
- Websocket duplicate on headers
- LocalStack API Gateway Not Triggering Lambda Function from HTML Form Submission
- ApiGateway is not routing the api call
- Handling Microservice Failures in a Consul-Managed Architecture
- How to disable showing default Axis2 services (https://localhost:8243/services/Version?wsdl) in WSO2 API manager 3.2.0?
- Caching : functools vs API Gateway
- disable soap in wso2 api manager gateway https://IPaddr:9443/services
- add custom header at aws lambda authorizer
- Ocelot .NET API gateway: Failed to load API definition
- I want Netty webserver instead of tomcat in my spring-boot project with webflux
- Spring cloud gateway not able to find the service recource
- How to encode parameters for AWS API Gateway (HTTP API)?
Related Questions in KONG
- Django admin page doesn't open, when I use Kong gateway
- Kong helm chart certificates
- How to use Gateway API with Kong on GKE?
- Kong Gateway Custom Plugin - Errors when redirecting 5xx's to a custom url from header_filter phase
- Scripts and css not reachable after deploying Tiledesk with Kong as Load Balancer
- Kong Api Gateway - Api key's custom logics
- Make Kong Manger GUI to make call to /kong-manager
- How to install Kong in a specific namespace and route requests to a service using Kubernetes Ingress?
- Exclude status check logs from Datadog
- Internal Server Error (500) - Key must be a string or an entity table in POST request with Bearer token authorization
- Custom kong lua plugin loaded via helm config map fails with declarative_config.lua:654: table index is nil
- Kong: limit concurrent requests per consumer
- Can't figure how to route non authorized endpoints
- CORS error in Kong deployed with Helm chart and Terraform in AWS EKS
- Integration of Kong Ingress Controller 3.0.x with Istio Service Mesh
Related Questions in KONGA
- Setting up GeoIP Blocking on Kong Gateway via Docker
- Hide server info (kong version) using kong gui plugin response-transformer but didn't work?
- Kong Request Transformer template value debugging
- How to fix Kong timers always running and not response?
- kong and kong-migrations container error (dns.lua:39)
- How to change kong error no route match into a static html page?
- Registering Micro Services on Kong and use of docker /k8s while deploying Kong artifacts
- Can the Kong TCP type plug-in only work globally but not locally?
- ACL + key-auth plugin on a Kong service not working
- How to redirect to the upstream address configured by Konga in the custom plugin of Kong?
- Implementation of Kong Api Gateway in production
- Kong API Gateway - Domain Restriction
- How to fetch API from swagger file using kong gateway
- Kong API Gateway SSL/TLS Certificates
- Fail when install konga in docker
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular # Hahtags
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
In my opinion Kong is not supposed to replace a user registry / authentication service. However, it can help you enforce authentication.
There are several options of securing your APIs against unauthorized access. These include:
key-authplugin and is not intended for authenticating users (meaning natural persons) but consumers (meaning other systems).jwtplugin and is suitable for user authentication. Kong is responsible for validating the JWT tokens (by checking the signature and expiry of the self contained token). You can of course do further checks either with custom Kong plugins or within your upstream service.So I think you shouldn't think of Kong as a replacement for your user service, but as a complement/addition which helps you enforcing security policies even before the request reaches your upstream service.