Portal Application Registration
Allow portal developers to register applications against Services
Basic Authentication
Add Basic Authentication to your Services
HMAC Authentication
Add HMAC Authentication to your Services
Kong JWE Decrypt
Decrypt a JWE token in a request
JWT
Verify and authenticate JSON Web Tokens
Kong JWT Signer
Verify and sign one or two tokens in a request
Key Authentication
Add key authentication to your Services
Key Authentication - Encrypted
Add key authentication to your services
LDAP Authentication
Integrate Kong with an LDAP server
LDAP Authentication Advanced
Secure Kong clusters, Routes, and Services with username and password protection
Mutual TLS Authentication
Secure routes and services with client certificate and mutual TLS authentication
OAuth 2.0 Authentication
Add OAuth 2.0 authentication to your Services
OAuth 2.0 Introspection
Integrate Kong with a third-party OAuth 2.0 Authorization Server
OpenID Connect
Integrate Kong with a third-party OpenID Connect provider
Session
Support sessions for Kong Authentication Plugins.
Vault Authentication
Add Vault authentication to your Services
Okta
Integrate Okta's API Access Management (OAuth as a Service) with Kong API Gateway.
PASETO
PASETO (Platform-Agnostic Security Tokens)
Upstream HTTP Basic Authentication
Add HTTP Basic Authentication header to upstream service request
ACME
Let's Encrypt and ACMEv2 integration with Kong
Bot Detection
Detect and block bots or custom clients
CORS
Allow developers to make requests from the browser
IP Restriction
Allow or deny IPs that can make requests to your Services
OPA
Authorize requests against Open Policy Agent
SAML
Provides SAML v2.0 authentication and authorization between a Service Provider (Kong) and an Identity Provider
TLS Handshake Modifier
Requests a client to present its client certificate
TLS Metadata Headers
Proxies TLS client certificate metadata to upstream services via HTTP headers
Cleafy plugin for Kong
Integrate Kong API GW with Cleafy threat detection & protection for API-based apps
Approov API Threat Protection
Approov ensures that only genuine and unmodified instances of your mobile app can connect to your server or cloud backend
Kong Spec Expose
Expose OAS/Swagger/etc. specifications of auth protected APIs proxied by Kong
Kong Upstream JWT
Add a signed JWT into the header of proxied requests
Salt Security
Integrate Kong API Gateway with Salt Security Discovery & Prevention for API-based apps
Kong Path Allow
Determine if the path is in the path allow list, and if not, return a 403
Signal Sciences
Secure your web applications and APIs without impacting your business
Wallarm
Wallarm is AI-Powered Security Platform for protecting microservices and APIs
ACL
Control which Consumers can access Services
Canary Release
Slowly roll out software changes to a subset of users
Forward Proxy Advanced
Allows Kong to connect to intermediary transparent HTTP proxies
GraphQL Proxy Caching Advanced
Cache and serve commonly requested responses in Kong
GraphQL Rate Limiting Advanced
Provide rate limiting for GraphQL queries
Mocking
Provide mock endpoints to test your APIs against your services
OAS Validation
Validate HTTP requests and responses based on an OpenAPI 3.0 or Swagger API Specification
Proxy Cache
Proxy Caching Advanced
Rate Limiting
Rate-limit how many HTTP requests can be made in a period of time
Rate Limiting Advanced
Upgrades Kong Rate Limiting with more flexibility and higher performance
Request Size Limiting
Block requests with bodies greater than a specified size
Request Termination
Terminates all requests with a specific response
Request Validator
Validates requests before they reach the Upstream service
Response Rate Limiting
Rate-limiting based on a custom response header value
Route By Header
Route request based on request headers
Upstream Timeout
Set timeouts on routes and override service-level timeouts
WebSocket Size Limit
Block incoming WebSocket messages greater than a specified size
WebSocket Validator
Validate WebSocket messages before they are proxied
XML Threat Protection
Apply structural and size checks on XML payloads
Set Dynamic Upstream Host
Constructs the upstream hostname dynamically based on the incoming request parameters
Kong Response Size Limiting
Block responses with bodies greater than a specified size
Kong Service Virtualization
Mock virtual API request and response pairs through Kong Gateway
JWT to Header (Route by JWT Claim)
Convert JWT Claims to Headers for upstream consumption or to route by JWT Claims
AWS Lambda
Invoke and manage AWS Lambda functions from Kong
Azure Functions
Invoke and manage Azure functions from Kong
Apache OpenWhisk
Invoke and manage OpenWhisk actions from Kong
Serverless Functions
Dynamically run Lua code from Kong
AWS Request Signing
Sign requests with AWS SIGV4 and temp credentials for secure use of AWS Lambdas in Kong.
AppDynamics
Integrate Kong with the AppDynamics APM Platform
Datadog
Visualize metrics on Datadog
OpenTelemetry
Propagate spans and report space to a backend server through OTLP protocol.
Prometheus
Expose metrics related to Kong and proxied upstream services in Prometheus exposition format
StatsD
Send metrics to StatsD
StatsD Advanced
Send metrics to StatsD with more flexible options
Zipkin
Propagate Zipkin spans and report space to a Zipkin server
Amberflo.io API Metering
API usage metering and usage-based billing.
ArecaBay MicroSensor
Discover, Monitor, and Secure your APIs at object/data level.
Moesif API Analytics
Powerful API analytics and tools to activate, understand, and monetize customers.
SignalFx
Monitor and analyze Kong in SignalFx
Correlation ID
Correlate requests and responses using a unique ID
DeGraphQL
Transform a GraphQL upstream into a REST API
Exit Transformer
Customize Kong exit responses sent downstream
gRPC-gateway
Access gRPC services through HTTP REST
gRPC-Web
Allow browser clients to call gRPC services
jq
Transform JSON objects included in API requests or responses using jq programs.
Kafka Upstream
Transform requests into Kafka messages in a Kafka topic.
Request Transformer
Use regular expressions, variables, and templates to transform requests
Request Transformer Advanced
Use powerful regular expressions, variables, and templates to transform API requests
Response Transformer
Modify the upstream response before returning it to the client
Response Transformer Advanced
Route Transformer Advanced
Transform routing by changing the upstream server, port, or path
Inspur Request Transformer
Kong plugin to transform diversiform requests
Inspur Response Transform
kong plugin to transform http response from json to xml
API Transformer
Kong middleware to transform requests / responses, using Lua script.
Reedelk Transformer
Kong plugin to transform Reedelk requests and responses
Template Transformer
Kong middleware to transform requests / responses, using pre-configured templates.
URL Rewrite
Kong middleware to completely rewrite the URL of a route.
File Log
Append request and response data to a log file
HTTP Log
Send request and response logs to an HTTP server
Kafka Log
Publish logs to a Kafka topic
Loggly
Send request and response logs to Loggly
Syslog
Send request and response logs to Syslog
TCP Log
Send request and response logs to a TCP server
UDP Log
Send request and response logs to a UDP server
Kong Google Cloud Logging
Logs Kong requests with Google Cloud Logging
Kong Splunk Log
Log API transactions to Splunk using the Splunk HTTP collector
Google Analytics Log
Log API transactions to Google Analytics
Kong on AWS with Terraform
Terraform module to provision Kong and Kong Gateway clusters on Amazon Web Services.
Kong on Microsoft Azure Certified
The Bitnami Kong Stack provides a one-click install solution for Kong
KongMap
Visually Map and Manage your Kong Clusters