Articles related to
Gateway

Kong - The Gateway without Limitations

Part 8: Plugin Cloning

This time we explore how plugin cloning of the Access Control List (ACL) Plugin enhances API security within a zero-trust architecture. We address the challenge of executing the ACL plugin twice, first for a consumer authenticated via an mTLS client certificate and then for a consumer authenticated via an OAuth2 token in the same processing pipeline, as the Kong’s architecture prevents the same plugin from running multiple times in a single request-response cycle. To meet this challenge, we introduce the Kong supported Priority-Updater tool, which enables cloning and priority configuration of existing plugins. This blog provides a comprehensive guide to implementing multi-layer authentication by plugin cloning.

24.02.2025

Alexander Suchier

Kong - The Gateway without Limitations

Part 9: Serverless functions - Who responded?

In our previous blog posts in the Kong Gateway series, we explored various security aspects, particularly focusing on token-related issues and their solutions involving both Kong and custom-built plugins. Today, we dive deeper into another coding variant within the gateway: Kong serverless functions. We will use a real-world “Who Responded?” example to demonstrate how effectively a root cause analysis approach can be supported with minimal effort.

19.03.2025

Alexander Suchier

Kong - The Gateway without Limitations

Part 10: AI Gateway

This blog details how Kong API Gateway functions as an AI Gateway, providing the necessary features to manage AI integrations securely and efficiently. Kong offers a complete, high-quality middleware solution that makes AI development easier by removing the need for many special tools and frameworks. It also supports language independence to avoid any limits. Additionally, the new AI plugins empower organizations to mitigate AI risks and uphold ethical AI practices.

14.06.2025

Alexander Suchier

 previous posts     

Other Topics