As organizations adopt an API-first approach, there are many connectivity patterns to consider, and the developer experience needs to be excellent to promote adoption. It can be challenging to enforce API governance while enabling developers to build applications. This session recording covers how an organization can empower developers to use Kong securely, enable access control to the Kong API and Manager, enforce authentication/authorization in applications, and implement a zero-trust security model.

CEO of Styra Tim Hinrichs demonstrates how OPA and Kuma can be used for microservices API authorization.

Learn how to add OAuth 2.0 authorization and authentication to your service by integrating Kong Gateway and its OAuth 2.0 plugin. What Does the Kong Gateway OAuth2 Plugin Do? As Kong Gateway sits in front of a resource server, the OAuth 2.0 plugin adds authorization server functionality to that resource server — handling authorization requests, inspecting and refreshing tokens, and permitting or forbidding access to resources.

Kuma is an open source service mesh built on top of Envoy that supports every environment, including Kubernetes and virtual machines. In this Kuma service mesh tutorial, Marco Palladino shows how easy it is to get started.

The concept of APIOps is quite simple: We’re applying the solid and proven principles of DevOps and GitOps to the API and microservice lifecycle.

With Kong OpenID Connect, you don't have to rewrite or maintain the code over and over for API gateway security. And that makes it faster for the developers of the upstream services to get their work done.

Authentication can be difficult, but with the Kong Gateway JWT Plugin, you can save time and resources without risking your API gateway security. In this video, we'll walk through how to secure a service (in this case, an API server) with Kong Gateway and its JWT plugin. We’ll cover all the steps to set up, configure and test the service — giving you the foundational knowledge needed to implement these tools independently.

Join Kong CTO and Co-Founder Marco Palladino as he explores what zero-trust security is and why we need it and shows it in action with Kong Mesh, which is built on top of CNCF’s Kuma and Envoy.

In this demo, we show the differences and advantages of the Kong Enterprise Edition over the Kong Community Edition.

In this Kong Summit 2020 session, we will cover the architecture and approach we used to build out our digital platform at Goldman Sachs by leveraging Kong’s API gateway to implement a secure ingress controller for all digital channels, including private/public API and web interfaces. We will discuss how we integrated Kong’s API gateway with AWS native services to implement mTLS, observability and container runtime, as well as share our operational experience of running resilient API workloads in production.