NewsNews

NewsRSS

Article: Token-Based Access Control With Kong, OPA and Curity

Article: Token-Based Access Control With Kong, OPA and Curity

Curity's Jonas Iggbom recently contributed to the Kong Inc. blog. In the article, he explains how you can establish token-based access control using the Curity Identity Service, Kong Gateway, and Open Policy Agent.

The blog post focuses on implementing the Phantom Token Approach to achieve Level 3 of the API Security Maturity Model. This approach externally uses opaque (reference) access tokens, exchanging them for a signed JSON Web Token (JWT) with scopes and claims in Kong Gateway. The system then passes that information onward to the upstream API.

Read the article Token-Based Access Control With Kong, OPA and Curity here.

Back to news

Next steps

Ready to modernize IAM?

Start Today - Build security and improve ease of use to stay ahead of the competition.

Free trial icon representing Start a free trial

Start a Free Trial

Calendar icon representing Schedule a demo

Schedule a demo

User with a computer icon representing Speak to an Identity Specialist

Speak to an Identity Specialist

Book icon representing Explore learning resources

Explore learning resources