Community Plugin: This plugin is developed, tested, and maintained by a third-party contributor.
This plugin converts JWT claims into headers during the rewrite phase. This is useful for:
- Routing requests by JWT claim, so that Kong’s route by header functionality can route the request appropriately.
- Allowing the upstream service to consume claims as headers.
Since this plugin has elements that must run in the Rewrite execution phase, it can only be configured to run globally in a Kong workspace or cluster.
This plugin can be used in conjunction with other JWT validation/authentication plugins.
Installation & Usage
A tutorial, installation steps, and further information can be found at https://github.com/yesinteractive/kong-jwt2header.
This plugin is compatible with DB-less mode.
In DB-less mode, you configure Kong Gateway
Therefore, the Admin API is mostly read-only. The only tasks it can perform are all
related to handling the declarative config, including:
- Setting a target's health status in the load balancer
- Validating configurations against schemas
- Uploading the declarative configuration using the
Fully compatible with DB and DB-less (K8s, Declarative) Kong implementations.
Enable the plugin globally
A plugin which is not associated to any service, route, or consumer is
considered global, and will be run on every request. Read the
Plugin Reference and the Plugin Precedence
sections for more information.
Here's a list of all the parameters which can be used in this plugin's configuration:
|The name of the plugin, in this case
|Whether this plugin will be applied.
If enabled, claims will be removed from headers before being sent to the upstream. By default, each claim is passed upstream in a header prefixed with
token_required is set to
true, and an error will be returned if a valid JWT is not present in the request. Set it to
false if you want this plugin to fail open and proceed with executing the request, regardless of whether a valid JWT is present or not.