Skip to content
Kong Logo | Kong Docs Logo
search
  • Docs
    • Explore the API Specs
      View all API Specs View all API Specs View all API Specs arrow image
    • Documentation
      API Specs
      Kong Gateway
      Lightweight, fast, and flexible cloud-native API gateway
      Kong Konnect
      Single platform for SaaS end-to-end connectivity
      Kong Mesh
      Enterprise service mesh based on Kuma and Envoy
      decK
      Helps manage Kong’s configuration in a declarative fashion
      Kong Ingress Controller
      Works inside a Kubernetes cluster and configures Kong to proxy traffic
      Kong Gateway Operator
      Manage your Kong deployments on Kubernetes using YAML Manifests
      Insomnia
      Collaborative API development platform
      Kuma
      Open-source distributed control plane with a bundled Envoy Proxy integration
  • Plugin Hub
    • Explore the Plugin Hub
      View all plugins View all plugins View all plugins arrow image
    • Functionality View all View all arrow image
      View all plugins
      Authentication's icon
      Authentication
      Protect your services with an authentication layer
      Security's icon
      Security
      Protect your services with additional security layer
      Traffic Control's icon
      Traffic Control
      Manage, throttle and restrict inbound and outbound API traffic
      Serverless's icon
      Serverless
      Invoke serverless functions in combination with other plugins
      Analytics & Monitoring's icon
      Analytics & Monitoring
      Visualize, inspect and monitor APIs and microservices traffic
      Transformations's icon
      Transformations
      Transform request and responses on the fly on Kong
      Logging's icon
      Logging
      Log request and response data using the best transport for your infrastructure
  • Support
  • Community
  • Kong Academy
Get a Demo Start Free Trial
Kong Konnect
  • Home icon
  • Kong Konnect
  • Gateway Manager
  • Kong Gateway Plugins in Konnect
github-edit-pageEdit this page
report-issueReport an issue
  • Kong Gateway
  • Kong Konnect
  • Kong Mesh
  • Plugin Hub
  • decK
  • Kong Ingress Controller
  • Kong Gateway Operator
  • Insomnia
  • Kuma

  • Docs contribution guidelines
enterprise-switcher-icon Switch to OSS
On this pageOn this page
  • Plugin configuration
    • Custom plugins
    • Application registration plugins
    • Plugin limitations
  • More information
    • Kong bundled plugins
    • Custom plugins

Kong Gateway Plugins in Konnect

Plugins let you extend Konnect functionality. You can choose from any number of bundled plugins in Konnect, or write your own custom plugins.

Plugin configuration

You can manage both bundled and custom plugins through the runtimes icon Gateway Manager.

You can scope a plugin to a specific Kong Gateway entity, or apply it globally within a control plane:

  • A scoped plugin applies configuration only to a specific service, route, consumer, or consumer group.

  • A global plugin applies to all services, routes, consumers, and consumer groups in a control plane.

In both cases, plugins are managed within a specific control plane. If you need a plugin to apply to multiple control planes, configure a plugin instance separately for each one, or create a control plane group.

Open the Plugins menu from within a control plane to access and manage its list of plugins:

List of plugins in a control plane

Custom plugins

You can also apply your own custom plugins through the Gateway Manager.

The Konnect control plane only needs a Lua schema file. Using that schema, it creates a plugin configuration object in Konnect, which you can access via the Konnect UI or the custom plugins API. This means that Konnect only sees a custom plugin’s configuration options, and does not see any other data.

To run in Konnect, every custom plugin must meet the following requirements:

  • General requirements:
    • Each custom plugin must have a unique name.
    • All plugin files must also be deployed to each Kong Gateway data plane node.
  • File structure requirements:
    • Admin API extensions must not contain an api.lua file.
    • Custom plugin database tables must not contain a dao.lua file.
    • The plugin must not have a migration.lua file.
  • Code and language requirements:
    • The schema for your custom plugin must be written in Lua.
    • Custom validation functions must be written in Lua and be self-contained within the schema.
    • The schema.lua file must not contain any require() statements.
    • Plugins that require third-party libraries must reference them in the handler.lua file.

Custom plugins

Application registration plugins

Application registration is built into API Products. When you enable application registration on an API product version, Konnect also automatically enables two plugins in read-only mode: ACL, and either Key Auth or OpenID Connect. These plugins appear in the service’s plugin list, and you can view their configurations, but you can’t edit or delete them directly.

Plugin limitations

Some bundled Kong Gateway plugins are not available in Konnect, or have configuration requirements specific to Konnect.

  • Rate limiting plugins default to the redis strategy, which you must provide your own Redis server for. You can also use local to apply rate limiting per individual data plane node.

  • A small number of Kong Gateway plugins are not available in Konnect. See the plugin compatibility chart for the full list, as well as a breakdown of the pricing tiers that each plugin is available in, and for specific Konnect notes for each plugin.

More information

Kong bundled plugins

  • Kong plugins in Konnect
  • Kong plugin availability by tier

Custom plugins

  • Add a custom plugin in Konnect
  • Edit or delete custom plugins in Konnect
  • Custom plugin schema endpoints (Control Plane Config API)
  • Custom plugin template
  • Plugin development guide
  • PDK reference
Thank you for your feedback.
Was this page useful?
Too much on your plate? close cta icon
More features, less infrastructure with Kong Konnect. 1M requests per month for free.
Try it for Free
  • Kong
    Powering the API world

    Increase developer productivity, security, and performance at scale with the unified platform for API management, service mesh, and ingress controller.

    • Products
      • Kong Konnect
      • Kong Gateway Enterprise
      • Kong Gateway
      • Kong Mesh
      • Kong Ingress Controller
      • Kong Insomnia
      • Product Updates
      • Get Started
    • Documentation
      • Kong Konnect Docs
      • Kong Gateway Docs
      • Kong Gateway Enterprise Docs
      • Kong Mesh Docs
      • Kong Insomnia Docs
      • Kong Konnect Plugin Hub
    • Open Source
      • Kong Gateway
      • Kuma
      • Insomnia
      • Kong Community
    • Company
      • About Kong
      • Customers
      • Careers
      • Press
      • Events
      • Contact
  • Terms• Privacy• Trust and Compliance
© Kong Inc. 2023