kong-openid-connect

A Kong plugin for OpenID Connect authentication with group-based authorization

$ luarocks install kong-openid-connect

This plugin provides OpenID Connect (OIDC) authentication capabilities for Kong API Gateway.
It supports the Authorization Code flow, token introspection, session management,
and flexible configuration options for various OIDC providers.

Version 1.1.0 adds group-based authorization features:
- Restrict access to users in specific groups
- Extract groups from userinfo, ID tokens, or access tokens
- Support for nested group claims (e.g., realm_access.roles)
- Configurable error messages and HTTP status codes

Compatible with Kong 3.0+ (no BasePlugin dependency).

Versions

1.1.0-118 hours ago0 downloads

Dependencies

lua >= 5.1
lua-cjson >= 2.1.0

Labels

Manifests