I would like to use Kong to protect some services. But I already use an idm for the user management.
The user gets a token from the idm and puts it in the header when he requests the Kong gateway. For this I would write a plugin that does this. The plugin would then request the idm. As an answer you get from the idm whether the user is allowed to make this request and the user id that the user has in the idm. So the user is only registered in the idm and not as a consumer in Kong. If I want to use a rate limit now, the plugin description says: "If the underlying Service/Route (or deprecated API entity) has no authentication layer, the client IP address will be used, otherwise the Consumer will be used if an authentication plugin has been configured."
Is it now possible to use the user id from the idm for the rate limit?
I already found:
but I could not find an answer to my question.
You are able to set config.limit_by to header and config.header_name to a custom name (configuration). So the plugin needs to set a custom header, e.g. 'x-user-id', to the id given by the idm. You have to make sure that your plugin runs before the rate limiting plugin. You can look this up here ( > 901). Now just set config.header_name to x-user-id and rate limiting works. I couldn't find another solution.
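
A sketch of the plugin handler this answer describes, as an added example that is not part of the original answer or Kong's own code. The plugin name, the conf.idm_url and conf.timeout schema fields, the use of the Authorization header for the token, and the IdM's JSON response field user_id are all assumptions. It clears any client-supplied x-user-id first, so a caller cannot pick its own rate-limit bucket, and fails closed when the IdM cannot be reached.

```lua
-- handler.lua for a hypothetical custom plugin "idm-auth" (added example)
local http  = require "resty.http"   -- lua-resty-http, bundled with Kong
local cjson = require "cjson.safe"   -- decode returns nil instead of raising

local IdmAuth = {
  PRIORITY = 1000,   -- higher than rate-limiting's 901, so this runs first
  VERSION  = "0.1.0",
}

-- Must match config.header_name of the rate-limiting plugin.
local USER_HEADER = "x-user-id"

function IdmAuth:access(conf)
  -- Never trust a value sent by the client: drop it before anything else.
  kong.service.request.clear_header(USER_HEADER)

  -- Assumption: the IdM token travels in the Authorization header.
  local token = kong.request.get_header("authorization")
  if not token then
    return kong.response.exit(401, { message = "Unauthorized" })
  end

  -- Assumption: conf.idm_url is the IdM's token-check endpoint.
  local client = http.new()
  client:set_timeout(conf.timeout)
  local res, err = client:request_uri(conf.idm_url, {
    method  = "GET",
    headers = { ["Authorization"] = token },
  })
  if not res then
    kong.log.err("IdM request failed: ", err)
    return kong.response.exit(503, { message = "Service unavailable" })
  end
  if res.status ~= 200 then
    return kong.response.exit(403, { message = "Forbidden" })
  end

  -- Assumption: the IdM answers with JSON such as {"user_id": "..."}.
  local body = cjson.decode(res.body)
  local user_id = body and body.user_id
  if type(user_id) ~= "string" or user_id == "" then
    return kong.response.exit(403, { message = "Forbidden" })
  end

  -- Set the header that rate-limiting reads with config.limit_by = header.
  kong.service.request.set_header(USER_HEADER, user_id)
end

return IdmAuth
```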