Skip to content
|
search
Kong Konnect

Manage Plugins

Plugins lets you extend Konnect functionality. You can find a full list of all Kong plugins on the Plugin Hub.

Kong plugins in Kong Konnect

Plugin configuration

Manage Konnect plugins through the Service Hub or the Runtime Manager.

You can scope a plugin to an object, or apply it globally.

  • A scoped plugin applies configuration only to a specific service, route, or consumer. You can configure plugins on services and routes through Service Hub, and on consumers through the Runtime Manager.

  • If you want to apply a plugin globally – that is, to all services, routes, and consumers in a runtime group, using the Runtime Manager.

Application registration

Application registration is built into the Service Hub. Enabling it on a service also enables two plugins in read-only mode: ACL, and one of Key Auth or OpenID Connect. These plugins appear in the service’s plugin list, and you can view their configurations, but you can’t edit or delete them directly.

Plugin limitations

Rate limiting plugins default to the redis strategy, for which you must provide your own Redis server. You can also use local to apply rate limiting per individual data plane.

The following plugins are not available with Kong Konnect:

  • OAuth2 Authentication
  • Apache OpenWhisk
  • Vault Auth
  • DeGraphQL
  • GraphQL Rate Limiting Advanced
  • Key Authentication Encrypted

See the plugin compatibility chart for a full comparison of plans and network configurations that each plugin supports.

Custom plugins

Kong Konnect supports the use of custom plugins. You can write new custom plugins using this template as a guide. Every custom plugin must meet the following requirements:

  • Admin API extensions must not contain an api.lua file.
  • Custom plugin database tables must not contain a dao.lua file.
  • Custom validation functions must be written in Lua and be self-contained within the schema.
  • The schema.lua file must not contain any require() statements.
  • Plugins that require third-party libraries must reference them in the handler.lua file.

If your plugin meets these requirements and you want to use it in Kong Konnect, contact Kong Support.

Custom plugins can’t be added directly through the Kong Konnect application.