コンテンツにスキップ
|
Kong Konnect
report-issue問題を報告する

このページは、まだ日本語ではご利用いただけません。翻訳中です。

Configure your Custom IdP for Dynamic Client Registration

Konnect Dev Portal supports a variety of the most widely adopted identity provider (IdP) for Dynamic Client Registration (DCR):

  • Auth0
  • Azure
  • Curity
  • Okta

If your third-party IdP is not on this list, you can still use your IdP with Konnect by using a custom HTTP DCR bridge. This HTTP DCR bridge acts as a proxy and translation layer between your IdP and DCR applications in the Dev Portal. When a developer creates a DCR application in the Dev Portal, Konnect calls your HTTP DCR bridge which can translate the application data into a suitable format for your third-party IdP.

 
sequenceDiagram
    actor Developer
    participant Konnect Dev Portal
    participant HTTP DCR Bridge
    participant IdP
    Developer->>Konnect Dev Portal: Create application
    Konnect Dev Portal->>HTTP DCR Bridge: POST Create application
    HTTP DCR Bridge->>IdP: POST Create application
    IdP--)HTTP DCR Bridge: 200 OK and credentials
    HTTP DCR Bridge->>Konnect Dev Portal: Create application response (with credentials from IdP)
    Konnect Dev Portal->>Developer: Show credentials

Figure 1: This diagram shows how an HTTP DCR bridge creates an application in an IdP when a developer creates an application in the Dev Portal. First, a developer tries to create an application in Konnect Dev Portal. This triggers Dev Portal to pass the information to the HTTP DCR Bridge, which then sends a POST create application request to the IdP. Once the IdP receives the request, it sends a 200 status code in return, if successful, as well as credentials for the developer’s application. These credentials are then shown to the developer in the Dev Portal.

Configure custom DCR using the Konnect Dev Portal DCR Handler

To use an unsupported IdP with DCR, you must implement an API that conforms to the Konnect Dev Portal DCR Handler spec. Kong provides an example reference implementation in the Konnect Dev Portal DCR Handler repository. This is an example HTTP DCR bridge implementation and is not meant to be deployed in production. We encourage you to use this implementation as a guide to create your own implementation.

Any request that does not return a 2xx status code is considered failing and won’t continue the process of trying to create an application in your Konnect Dev Portal.