Kong
docs(oidc): supporting dpop
Description
KAG-4377
New feature support.
https://github.com/Kong/kong-ee/pull/8482
Testing instructions
Preview link:
Checklist
- [x] Review label added
- [x] Conditional version tags added, if applicable.
Deploy Preview for kongdocs ready!
| Name | Link |
|---|---|
| Latest commit | c898e0b56997c74db2479c5f4fc708f866844394 |
| Latest deploy log | https://app.netlify.com/sites/kongdocs/deploys/6644e574f94ae60008a13e9b |
| Deploy Preview | https://deploy-preview-7323--kongdocs.netlify.app |
| Preview on mobile | Toggle QR Code...Use your smartphone camera to open QR code link. |
Lighthouse |
9 paths audited Performance: 95 (🟢 up 4 from production) Accessibility: 93 (no change from production) Best Practices: 98 (🟢 up 8 from production) SEO: 91 (no change from production) PWA: - View the detailed breakdown and full score reports |
To edit notification comments on pull requests, go to your Netlify site configuration.
![netlify[bot] avatar](https://avatars.githubusercontent.com/in/13473?v=4 "Published by a pub.dev verified publisher"){kind=small}
Should we also add a reference from Mutual TLS certificate-bound access tokens to this? @lena-larionova
@StarlightIbuki I converted the example into the same format used in our other OIDC guides, which generates output for multiple tools & formats.
Also added a diagram based on info from @veenaraja, adapted to Kong - please take a look and let me know if it's accurate for our use case.
2 things are different in the use of the current design of this feature:
- The token is not necessarily issued (proxied) by Kong;
- We're downgrading the DPoP token thus the proof and
DPoPtoken type are invisible from the upstream.
I will fix the diagram.
@lena-larionova Hi. Could you review it again and see if the PR is ok to merge?