Skip to content
|
Plugin Hub
github-edit-pageEdit this page
report-issueReport an issue
header icon

JWE Decrypt Configuration

By Kong Inc.
You are browsing documentation for an outdated plugin version.

Configuration

This plugin is compatible with DB-less mode.

Parameters

Here's a list of all the parameters which can be used in this plugin's configuration:

  • name or plugin

    string required

    The name of the plugin, in this case jwe-decrypt.

    • If using the Kong Admin API, Konnect API, declarative configuration, or decK files, the field is name.
    • If using the KongPlugin object in Kubernetes, the field is plugin.

  • service.name or service.id

    string

    The name or ID of the service the plugin targets. Set one of these parameters if adding the plugin to a service through the top-level /plugins endpoint. Not required if using /services/{serviceName|Id}/plugins.

  • route.name or route.id

    string

    The name or ID of the route the plugin targets. Set one of these parameters if adding the plugin to a route through the top-level /plugins endpoint. Not required if using /routes/{routeName|Id}/plugins.

  • enabled

    boolean default: true

    Whether this plugin will be applied.

  • config

    record required

    • lookup_header_name

      string required default: Authorization

      The name of the header to look for the JWE token.

    • forward_header_name

      string required default: Authorization

      The name of the header that is used to set the decrypted value.

    • key_sets

      array of type string required

      Denote the name or names of all Key Sets that should be inspected when trying to find a suitable key to decrypt the JWE token.

    • strict

      boolean default: true

      Defines how the plugin behaves in cases where no token was found in the request. When using strict mode, the request requires a token to be present and subsequently raise an error if none could be found.