
Okta and Kong Konnect Part 1: Implementing Client Credentials

Learn how to set up the client credentials flow for application authentication with Okta and Kong Konnect. Learn more about Konnect and start a free trial.

• Konnect and Okta Integration Topology (0:23)

• Set Up Konnect Service and Route (2:23)

• Set Up Okta (3:42)

• Create Konnect Data Plane (4:10)

• Consume the Route without a Policy (5:10)

• Add OpenID Connect Plugin (5:44)

• Test the OpenID Connect Plugin (7:23)

• Upstream Header Injection (8:06)


Using Kong’s OpenID Connect (OIDC) plugin, Kong and Okta work together to solve three significant application development challenges:

1. Connectivity

2. Authentication

3. Authorization


The OIDC plugin enables Kong, as the API gateway, to communicate with Okta via the OAuth/OIDC flows. That way, your app teams don’t have to configure and diagnose authentication and authorization for each service individually. With these challenges solved, app teams have more time to build and innovate.


This series will show you how to implement service authentication and authorization for Kong Konnect and Okta using the OIDC plugin. In this tutorial, we’ll cover the client credentials flow for application authentication. Parts 2-4 will cover:

• Authorization code for user authentication

• Integral introspection for token validation

• Access control based on Okta’s groups and claims


Read the full tutorial blog post.


Contact us if you have any questions as you’re getting set up.