Kong as a Strategic Initiative to Smoothly Migrate Legacy Systems to a Modern Security Concept

API gateways are a classic, efficient way of managing services and the communication between them. But applying service orientation within a larger environment of legacy systems and a heterogeneous mix of distributed software can be cumbersome and really time-consuming. The introduction of modern authentication frameworks like OAuth2 and OpenID Connect is especially a challenge. The use of Kong as an API gateway can leverage different aspects of migration activities. In this talk, I will share our journey at GfK of modernization and security enhancement with Kong and how we intend to move a large number of services and web applications within a hopefully short time to the next generation.