Related Documentation
Made by
Kong Inc.
Incompatible with
konnect
Supported Gateway Topologies
hybrid db-less traditional
Compatible Protocols
grpc grpcs http https

3.11.0.0

Release date 2025/07/03

Bugfix

  • Fixed an issue where data planes didn’t use the keys passed from the control plane to sign/re-sign.

3.10.0.0

Release date 2025/03/27

Bugfix

  • Fixed an issue where the jwt-signer plugin failed to upsert jwks if the jwks contains extra custom fields.

3.9.0.0

Release date 2024/12/12

Feature

  • Supported /jwt-signer/jwks endpoint in dbless mode

3.8.0.0

Release date 2024/09/11

Feature

  • Supported /jwt-signer/jwks/:jwt_signer_jwks endpoint in dbless mode.

3.7.0.0

Release date 2024/05/28

Feature

  • supports basic auth and mtls auth to external jwks services

  • The plugin now supports periodically rotating the jwks. For example, to autmatically rotate access_token_jwks_uri, you can set the config access_token_jwks_uri_rotate_period

  • The plugin now supports adding the original JWT(s) to the upstream request header by specifying the names of the upstream request header with original_access_token_upstream_header and original_channel_token_upstream_header. And access_token_upstream_header, channel_token_upstream_header, original_access_token_upstream_header, and original_channel_token_upstream_header should not have the same value.

  • Support pseudo json value in add_claims and set_claims for JWT-Signer. We can achieve the goal of passing multiple values to a key by passing a JSON string as the value. And add add_access_token_claims, set_access_token_claims, add_channel_token_claims, set_channel_token_claims for individually adding claims to access tokens and channel tokens. Additionally, add remove_access_token_claims and remove_channel_token_claims to support the removal of claims.

3.6.0.0

Release date 2024/02/12

Bugfix

  • support for consumer group scoping by using pdk kong.client.authenticate function

3.5.0.4

Release date 2024/05/20

Bugfix

  • support for consumer group scoping by using pdk kong.client.authenticate function

3.4.3.5

Release date 2024/03/21

Bugfix

  • support for consumer group scoping by using pdk kong.client.authenticate function

3.3.0.0

Release date 2023/05/19

Feature

  • Added the configuration field add_claims, which lets you add extra claims to JWT.

3.2.1.0

Release date 2023/02/28

Feature

3.1.0.0

Release date 2022/12/06

Feature

  • The anonymous field can now be configured as the username of the consumer. This field allows you to configure a string to use as an “anonymous” consumer if authentication fails.

3.0.0.0

Release date 2022/09/09

Breaking Change

  • Updated the priority for some plugins.: jwt-signer changed from 999 to 1020.

2.8.2.3

Release date 2023/01/06

Bugfix

  • Fixed the error attempt to call local 'err' (a string value).

2.8.1.0

Release date 2022/04/07

Bugfix

  • Implement the enable_hs_signatures option to enable JWTs signed with HMAC algorithms

2.8.0.0

Release date 2022/03/02

Bugfix

  • Fixed an issue where the enable_hs_signatures configuration parameter did not work. The plugin now defines expiry earlier to avoid arithmetic on a nil value.

Did this doc help?

Something wrong?

Help us make these docs great!

Kong Developer docs are open source. If you find these useful and want to make them better, contribute today!