$ luarocks install kong-openid-connect
This plugin provides OpenID Connect (OIDC) authentication capabilities for Kong API Gateway.
It supports the Authorization Code flow, token introspection, session management,
and flexible configuration options for various OIDC providers.
Version 1.1.0 adds group-based authorization features:
- Restrict access to users in specific groups
- Extract groups from userinfo, ID tokens, or access tokens
- Support for nested group claims (e.g., realm_access.roles)
- Configurable error messages and HTTP status codes
Compatible with Kong 3.0+ (no BasePlugin dependency).
Versions
Dependencies
lua >= 5.1
lua-cjson >= 2.1.0
lua-resty-http >= 0.15
lua-resty-openidc >= 1.7.0
lua-resty-session >= 2.24