See what makes Kong the fastest, most-adopted API gateway
Check out the latest Kong feature releases and updates
Single platform for SaaS end-to-end connectivity
Enterprise service mesh based on Kuma and Envoy
Collaborative API design platform
How to Scale High-Performance APIs and Microservices
Call for speakers & sponsors, Kong API Summit 2023!
3 MIN READ
As organizations look to accelerate their digital transformation initiatives, a couple of key trends are prevalent. First, there is a movement from monolithic to smaller cloud native microservices. Second, there is more pressure to innovate, resulting in an explosion of APIs and connections to secure. To help organizations address these trends, Kong is joining forces with Okta to deliver the best-in-class identity for API management.
“We are pleased to have Kong join the Okta technology partner ecosystem,” said John Pritchard, VP of product management at Okta. “Kong is a leader in API management. Kong’s integration with Okta helps our joint customers securely manage their APIs and microservices.”
Kong’s technology partnership with Okta helps organizations securely design, publish, and consume APIs and microservices.
“Kong and Okta are best-in-class solutions to support customers’ API management and identity needs, enabling organizations to make it easier to secure identity at every step of the development lifecycle,” said Ken Kim, vice president of business development at Kong.
Kong’s API gateway was designed and built for modern application development platforms, optimized for microservices and distributed architectures. The main capabilities provided by Kong are:
Okta API Access Management provides comprehensive identity provider (IdP) capabilities to secure enterprise-wide applications, including:
The Kong API gateway is available in two form-factors, Kong Enterprise, which is self-managed, and a new cloud offering called Kong Konnect Cloud. Kong and Okta have created integrations for both editions, which leverage the same plugins and provide all the same benefits
The Kong API gateway and Okta identity provider relationship is based on OpenID Connect (OIDC) standards. Both products fully support OIDC and provide seamless integration to implement all flows and grants defined in the standard to give flexibility to the authentication and authorization processes.
In this sense, Kong and Okta offload request processing from the upstream services: Kong handles routing, transformation, observability and other policies while delegating authentication, authorization and role-mapping to Okta. The services sitting behind Kong and Okta, including legacy SOAP services, modern protocols such as REST, GraphQL and gRPC, as well as cutting-edge microservices running in Kubernetes, are free to focus on business logic alone, leading to a dramatically improved development velocity, an improved security posture and faster time to value.
During Kong Summit 2021, Kong announced the availability of Okta support in Kong Konnect Cloud for Kong administrative SSO and authentication and authorization for API consumers. Kong announced a one-click button integration with Okta with complete role-mapping.
For more Information, check both Kong and Okta web sites as well as the blog video series describing four OIDC-based processes, including:
Claudio Acquaviva also contributed to this article.
Learn how to make your API strategy a competitive advantage.