Community Plugin: This plugin is developed, tested, and maintained by a third-party contributor.
This plugin converts JWT claims into headers during the rewrite phase. This is useful for:
- Routing requests by JWT claim, so that Kong’s route by header functionality can route the request appropriately.
- Allowing the upstream service to consume claims as headers.
Since this plugin has elements that must run in the Rewrite execution phase, it can only be configured to run globally in a Kong workspace or cluster.
This plugin can be used in conjunction with other JWT validation/authentication plugins.
Installation & Usage
A tutorial, installation steps, and further information can be found at https://github.com/yesinteractive/kong-jwt2header.
This plugin is compatible with requests with the following protocols:
This plugin is compatible with DB-less mode.
In DB-less mode, Kong Gateway does not have an Admin API. If using this
mode, configure the plugin using declarative configuration.
Fully compatible with DB and DB-less (K8s, Declarative) Kong implementations.
Enabling the plugin globally
A plugin which is not associated to any service, route, or consumer is
considered global, and will be run on every request. Read the
Plugin Reference and the Plugin Precedence
sections for more information.
Here's a list of all the parameters which can be used in this plugin's configuration:
|The name of the plugin to use, in this case
|Whether this plugin will be applied.
Default value: false
If enabled, claims will be removed from headers before being sent to the upstream. By default, each claim is passed upstream in a header prefixed with
Default value: true
token_required is set to
true, and an error will be returned if a valid JWT is not present in the request. Set it to
false if you want this plugin to fail open and proceed with executing the request, regardless of whether a valid JWT is present or not.