►
From YouTube: Discover the New Plugins in Kong Gateway 3.1
Description
Kong Gateway 3.1 includes several new plugins, forming our most powerful plugin ecosystem yet and with an enhanced functionality for a few existing plugins.
For our last User Call for 2022, Gang Guo (Product Manager, Kong) will deep dive into the following new plugins:
- AppDynamics
- SAML2
- JWE Decryption
- OpenAPI Specification (OAS) validation
- XML Threat Protection
What's more, we introduced an enhancement into:
- Mock plugin
- Forward proxy plugin
A
Hello-
everyone
good
morning,
good
afternoon,
good
evening
from
wherever
you're
joining
us.
My
name
is
Dalia
and
I
work
as
a
community
manager
at
Kong,
I'm
very
happy
to
have
all
of
you
join
us
for
the
last
user.
Call
for
2022.
very
happy
to
have
all
of
you
here
today
today.
The
topic
will
be
discover
the
new
con
plugins
in
Kong
Gateway
3.1,
and
we
have
Gunk
who
will
be
presenting.
A
We
have
also
Hans
and
Sami,
who
will
be
doing
some
demos
for
you
and
please
put
all
of
your
questions
in
the
Q
a
function
on
the
bottom
and
we
will
answer
them
at
the
end
of
the
presentation
and
yeah
with
that.
I
will
give
it
to
gun,
to
introduce
himself
and
to
get
going
with
the
presentation.
B
Yeah,
thank
you
Dalia
good
morning,
good
afternoon.
This
is
Gango
from
London,
so
today
I'm
happy
to
present
to
you
the
new
features
we
delivered
in
Kong,
3.1
yeah.
B
The
agenda
is
fairly
simple:
I
will
give
everybody
a
introduction
about
com,
Gateway
and
also
Kong
Gateway
plugins.
Then
we
get
into
the
details
of
new
plugins
being
released
in
version
3.1.
After
that
we
will
have
two
of
our
Engineers
joined
me
today.
To
do
some
live
demos
of
three
new
plugins
at
the
end
we
have
a
short
moment
for
Q
a.
B
B
So
very
recently,
Tong
is
being
being
named
as
a
leader
by
Gardner
the
third
time,
and
we
moved
even
further
on
the
right
hand
side.
So
that
literally
means
I'm.
A
product
offerings
is
much
more
advanced
than
any
other
vendors,
because
you
can
see
on
the
chart.
You
know
under
the
further
you're
on
right
hand,
side
basically
means
you're
more
advanced.
B
Obviously
we
are
newcomers,
so
we're
not
as
good
as
you
know.
The
old
mature
vendors
like
RPG
or
mulesoft,
because
they
have
been
there
for
probably
more
than
10
years
now,
but
we
are
the
fattest
ones
getting
the
leader
content
and
we
are
the
leaders.
So
yes,
in
a
row
already,
so
you
always
the
most
popular
API
Gateway
in
the
planet.
Already
the
next
thing
I'm
going
to
highlight
is
we
have
a
comb
plugin
Hub
I
put
the
links
on
the
top
here.
B
If
you
haven't
been
visited
these
sites,
I
suggest
you
do
now,
with
this
new
plugin
being
released
in
version
3.1.
B
This
plugin
Hub
actually
has
about
more
than
100
plugins,
provided
here
not
only
by
Chrome,
but
also
by
Compounders,
and
also
lots
of
cone
lovers
like
you,
they
actually
contributed
also
open
source
plugins
for
the
community
as
well
have
a
look,
and
you
will
find
something
probably
helpful
for
your
work.
B
Next
one
is
I'm
going
to
mention
is
plugging
compatibilities.
That's
all
you
know.
Chrome
Gateway
can
be
deployed
in
different
mode,
and
normally
you
can
do
TV
lays
you
know
if
you
open
source.
Probably
this
is
a
easy
way
to
do
it.
You
don't
need
a
database,
you
just
have
a
configuration
files
and
load.
Your
call,
the
downside.
Obviously,
is
you
can't
really
change
your
configurations
on
the
Fly
and
it
will
be
fixed,
as
you
start
call.
B
The
good
thing,
obviously
is
you
know
you
can
scale
it
easily
and
it's
very
tiny
footprint,
so
I
can
still
see
lots
of
people
running
dblens.
Today,
then,
the
classic
ones,
which
is
every
single
con
Gateway
instance,
have
a
database
behind
it.
B
The
good
thing
is,
everybody
can
change
the
configurations
and
read
the
latest
configurations
out.
The
bad
thing
is
the
database
has
been
connected
all
the
time
by
all
the
instance.
Then
the
third
mode
is
hybrid.
Constantly
you
have
a
safety
only
being
connected
to
the
database
and
DP
nodes
are
talking
to
the
CP.
B
The
good
thing
about
this
is:
you
can
still
benefit
from
dynamically
changing
configurations
of
the
con
Gateway
and
also
apply
plugins
on
the
Fly
as
well
as
you
don't
really
need
to
have
the
DP
nodes
connected
to
a
database,
especially
two
when
your
DP
nodes
is
actually
running
in
the
DMZ.
B
So
with
this
three
deployment
mode,
Iman
avacon
Gateway
plugins,
obviously
has
a
compatibilities
to
each
of
these
deployment
mode.
So
if
you
apply
a
plugin
and
if
it
does
not
work
as
expected,
then
I
recommend
you
check
this
compatibility
list.
It
might
be
because
your
deploy
mode
is
not
supported
by
that
particular
plugin.
So
that
probably
will
reduce
50
of
the
chance
of
you
know.
You
spend
lots
of
time
figured
out
why
it
does
not
work.
Actually,
it's
fundamentally
not
supported
by
this
deployment
mod.
B
So
the
link
I
put
down
already
there
below,
have
a
look.
So
why
I
highlight
this
too,
is
because
this
is
fundamental
for
the
plugins
so
before
you
can
enjoy
any
vlogging,
so
any
new
plugins,
this
basic
knowledge-
hopefully
will
you
know
serve
you
for
a
long
way.
B
Then
we
will
have
a
quick
pull
from
Dalia.
A
A
Nice
I'm
happy
to
see
that
there
is
also
from
both
open
source
because
for
the
user
calls
we
try
to
cover
both
topics.
We
have
a
lot
of
topics
which
are
only
for
the
open
source.
Today
we
do
Enterprise,
so
we
will
make
sure
we
rotate
them.
A
Cool
I
will
leave
this
open,
so
people
can
vote
and
you
shall
we
do
the
other
one
as
well.
A
B
Comb
plugins,
of
course,.
B
So
obviously
why
we
provide
Chrome
plugins
is
because,
although
con
Gateway
is
really
lightweight
and
can
be
deployed
anywhere
inside
the
Dockers
inside
kubernetes
in
the
cloud
on
premise,
we
would
like
to
get
it
even
more
powerful.
B
So
comb
plugin
is
the
way
we
actually
modeled
our
comp
plugin
con
gateways
to
be
able
to
make
it
extendable
getting
more
powerful
and
flexible.
B
So
the
key
is
to
give
user
the
power
and
make
them
to
conquer
their
daily
problems
or
issues
with
the
least
of
effort.
All
the
plugins
we're
trying
to
you
know,
build
them
use.
Obviously,
so
all
the
plugins
we
currently
bundled
with
chrome,
you
can
actually
use
it
using
commanding
uis
or
you
use
API
calls
to
apply
them
or
change
them.
B
You
can
also
do
the
deck
dump
or
deck
thing
to
declaratively
apply
the
plugins
and
in
the
past,
connect
is
a
little
bit
lagged
behind
to
support
the
latest
release
plugins.
Nowadays,
we
more
or
less
get
to
a
similar
time
from
connect
to
support
the
newly
released
Enterprise
plugins.
Officially,
the
other
thing
is,
you
know
it
gives
user
the
flexibility
and
power
you
probably
already
realized.
You
have
with
limiting
Transformations
possibility
related
plugins
like
log
metrics
and
tracing.
We
also
can
Dynamics
change
the
plugin
execution
orders.
B
B
We
have
a
very
powerful
oidc
plugins,
which
can
support
probably
more
than
20
or
30
idps,
and
we
have
very
rich
planning
ecosystem.
If
you
go
to
the
plugin
Hub,
you
probably
can
fill
that
already.
I
have
listed
the
new
plugins.
We
have
added
inversion
3.1,
which
give
our
users
even
more
power.
All
these
green
ones
that
is
here
are
new
plugins
samo2
is
a
new
way
to
authenticate
income
Gateway.
Obviously,
some
or
two
probably
existed
for
quite
a
long
time
in
all
days.
If
anybody
here.
C
B
A
soft
based
web
services-
you
probably
know
some
or
two
for
quite
a
long
time
and
at
the
beginning,
because
Kong
Gateway
is
relatively
new,
so
we
go
with
the
OS
and
oidc
awesome
and
mainstream,
but
when
we
grow
our
custom
basis,
especially
the
big
Corporation
customers,
the
CEO
would
like
us
to
support
those
mature
standards,
the
next
time
or
two.
So
as
required,
we
provided
summer
to
support
in
this
release
and
also
the
XML
scrap
protection
is
similar.
B
Although
soft
Services
is
there
for
quite
a
long
time,
but
you
will
be
surprised,
there
are
still
lots
of
XML
based
web
services
so
to
protect
our
customers.
We
also
added
XML
threat
production
plugin
other
than
the
traditional
ones.
B
We
also
have
added
a
OAS
validation,
plugin,
which
is
very
new
and
because
nowadays,
majority
of
the
apis
are
restful
based.
So
you
will
send
link
Json
and
Json
request
and
Json
response.
This
OS
validation,
plugin
can
do
is
to
based
on
your
open
API
specifications
to
do
the
request
and
response
validation
against
it.
B
B
Then
we
have
this
job
decryption
plugin,
you
probably
already
know
we
have
jobs,
validations,
jobstana
and
now
we're
at
this
job.
Decryption
is
because
we
have
lots
of
open
banking.
Financial
customers
they
are
they
are
asked
to
do-
is
to
validate
against
a
encrypted
your
token,
which
they
are
Partners
I
need.
B
C
B
Another
new
plugin
being
added
to
support
path
Dynamics,
if
you
are
a
bank
or
insure
or
the
government
or
big
corporations
and
academics,
probably
is
the
application
Performance
Management
systems
you're.
Using
with
this
plugin,
we
could
send
transactions
to
our
Dynamics
as
part
of
the
API
going
through.
You
will
be
able
to
see
entire
API
Journeys
and,
in
the
aftermath
controller
from
one
single
place.
B
We
also
enhanced
existing
mocking
plugin,
which
I'm
not
wrong
here.
Morgan
plugin
was
provided
probably
last
year,
but
it
was
fairly
basic
and
this
time
I
did
more
features
to
make
sure
we
can
support
much
more
status
code,
samples
being
returned
and
also
you
can
define
a
randomized
way
which
status
code
you
let's
get
written,
it
will
be
much
more
useful
than
you
can
see,
I'm
working,
so
that's
the
enhancement.
Obviously,
now
let
me
dive
into
install
games
provided
yeah.
B
Yeah,
the
first
one
is
up
Dynamics
plugin,
so
you
can
see
on
the
left
hand,
side,
we
have
a
blunt
API
client,
it
could
be
a
web
client
or
mobile
client.
B
They
will
do,
is
a
click
link
or
click
a
button.
You
know
in
your
mobile
apps
or
web
apps
and
then
API
call
being
made
through
API
gateway.com
and
then
homework
proxy.
The
API
request
to
a
back-end,
microservices
or
apis
implemented,
and
the
update
agent
being
normally
installed
on
the
web
front
end
and
also
on
the
back
and
macro
Services,
which
can
send
the
API
transactions
informations
to
the
academics
before
Chrome
API
before
come
of
the
plugins.
B
Con
Gateway
is
more
like
a
black
box
and
with
this
plugin
now
in
place,
customer
can
actually
see
it
from
intern,
from
the
clip
being
made
on
the
web
front,
end
to
clone
proxy
the
apis
through
and
then
the
backend
service.
You
get
the
request
and
send
the
response
back.
You
can
track
it
end
to
end
and
preferably
action
if
and
in
performance
bottleneck
or
if
any
errors
from
one
single
place
in
the
aftermax
controller
outbox.
B
This
is
very
intuitive
to
use
and
I
think
later
on,
abandonia
will
demo
it
in
life.
B
If
you
switched
on
configured
properly,
it
actually
get
all
this
flow
map
drawn
for
you
automatically
in
your
update
controller.
This
is
one
of
the
samples
from
our
using
customers
and
then
the
second
one
is
summer.
Two
I
have
mentioned
earlier:
Samuel
2
is
a
fairly
mature
standard.
B
B
The
process
is
very
simple
when
you
also
make
the
API
call,
if
you
have
this
plugin
enabled
user
will
be
redirected
to
Microsoft
active
directory
to
do
the
login
using
the
Microsoft
credentials.
B
If
they
logging
are
successful,
a
token
will
be
issued
and
the
comb
will
validate
that
token
to
make
sure
this
is
the
user,
and
this
is
this
authenticated
by
interpret
those
versions
in
the
token
itself,
and
then,
after
that,
one
passed.
Kong
will
pass
on
the
request
to
the
backend
services
and
also
convo
store
the
sessions
in
a
cookie.
So
when
you
make
the
next
call,
Como
use
the
ignition
session
cookies
to
make
the
API
boxing,
so
you
don't
really
need
to
do
is
to
authenticate
every
single
time.
B
B
Next
one
we
also
are
going
to
demo.
It
today
is
the
open,
APS
decision,
validation,
plugin.
We
already
have
a
using
plugin,
which
called
request
validation,
but
that
one
is
only
be
able
to
do
requests.
B
This
plugin
can
do
both
request
and
response
against
your
open,
api's
decisions,
not
only
that
this
one
also
supports
you
to
configure
a
web
cook
endpoint.
So
if
anything
not
pass
your
validations
and
you
can
actually
send
that
request
and
response
body
to
that
web
hook
for
the
debugging
or
root
code
analysis
later.
So
our
engineer
will
demo
today.
B
C
B
Before
we
can
do
a
job
token
validation,
the
encryption
and
decryption
keys
can
be
exchanged
using
our
jks
and
font.
We
have
enhanced
and
standardized
jks
and
important
with
this
plugin
behancing.
So
actually
we
are
planning
to
standardize
all
this
jks
key
and
the
plant
across
the
Johnson
and
the
YDC
plugin
in
the
future
releases
from
functionality
perspective
forget
about
the
underlying
changes
we
are
doing
on
the
jks
or
JWT.
You
know,
libraries,
the
functionality
is
straightforward,
you
get
encrypted
token
coming
in
and
then
this
one
will
decrypt
it.
B
So
you
can
actually
use
it
like
normal
with
a
dropped,
validation,
plugin.
A
B
If
it's
a
normal
plugin,
so
it's
really
suits
forward
nice
and
special
next
one
is
XML
Strat
production.
B
This
one
is
thanks
to
you
know
a
new
library
is
being
imported
at
this
time
with
zip
on
one
own
us,
everybody
know
it's
based
on
Lua,
so
obviously
Lua
is
not
as
rich
as
any
other
language
like
Java,
so
we
haven't
done
small
for
quite
a
long
time
is
because
you
know
libraries
to
support
xmo
from
luo
is
fairly
limited.
B
Now,
this
time
we
can
do
the
XML
threat
protection
plugin.
It's
all
thanks
to
another
XML
library
is
being
quoted
into
Kong,
which
is
save-based.
Obviously,
and
so
law
can
call
those
libraries
to
do
as
pause
or
check
the
structures
check
the
dams.
B
So
you
can
limit
the
feed,
apps
and
limited
structures
and
the
payload
size.
So
we
could
do
lots
of
preventions
for
you
against
the
bad
guys.
Obviously
so
have
a
look
to
the
documentation
and
play
with
it.
It
is
quite
powerful.
Obviously,
next
one
I
think
I
mentioned
earlier
as
well.
The
more
game
planning
this
plugin.
B
We
used
to
be
able
to
only
support
for
everyone
or
two
sets
codes,
samples
being
returned
like
to
200
or
201
no
match
useful,
but
with
this
enhancement
we
can
now
support
more
or
less
all.
This
stats
is
called
being
returned
with
examples,
and
you
can
even
Define
by
which
examples
of
Cisco
you
would
like
to
be
returned
by
this
plugin
and
as
well
as
we
can
simulate
some
latencies
on
your
mock,
Services,
say:
yeah
I
would
like
to
have
500
milliseconds
latences
being
simulated
by
Denmark.
B
B
So
again
you
know
welcome
you
to
play
it,
and
if
you
have
any
further
suggestions
for
improvement,
you
know,
let
us
know
I
think
I
talked
about
plugins
by
Lots,
because
different
one
literally
is
a
plugin
which
release
immediately
after
the
version
three
we
announced
The
Summit
in
September,
but
also
you
know,
we
have
some
improvement
income
manager
as
well.
B
If
you
remember,
we
probably
released
consumer
groups
for
quite
a
long
time
ago,
but
consumer
growth,
as
well
as
only
supported
by
Dak
and
element
API.
Nowadays,
you
can
actually
using
Code
manager
graphically
great
or
sun
consumers
into
a
consumer.
Growth
now
have.
B
Know
it's
much
easier
than
before
now,
and
also
this
common
manager
version
3.1
is
supporting
secret
management
and
really
show
your
certificate
details
in
the
code
manager,
as
well
as
some
more
tool
tips
being
provided
for
the
plugin
configurations.
B
That's
common
manager
version
simple
one:
I
think
that
is
very
high
level
of
new
features
and
new
plugins.
We
released
being
version
3.1
I.
Think
you
probably
seen
after
about
slides
and
heard
about
enough
series
now
I
think
it's
a
good
time
to
do
the
live
demos,
so
you
can
see
it
in
action
by
yourself.
B
C
C
Okay,
so
hello,
everyone,
my
name,
is
Samuel
I
am
a
software
engineer,
income
and
today
we're
going
to
see
some
of
the
features
of
this
new
plugin
OES
validation.
So
this
plugin,
as
gang
anticipated,
is
meant
to
validate
requests
and
responses
based
on
an
API
specification
that
you
can
provide
in
the
configuration
of
the
plugin.
C
C
So
let's
see
this
in
action
now,
as
I
said
a
while
ago,
this
is
a
very
basic
configuration
of
the
plugin
I'm
passing
the
name
in
this
example
I'm
using
the
pet
store
specification
which
I'm
passing
as
the
API
is
back
parameter
and
then
I'm
setting
this
verbose
response
to
true.
This
basically
allows
to
see
the
reason
for
the
failed
validations
right
in
the
response
body,
so
this
is
useful
for
debugging
purposes.
C
So,
if
I
configure
this
plugin,
you
can
see
that
basically,
all
of
the
validation
properties
are
set
to
True
by
default
and
yeah.
So
this
is
basically
the
the
plugin
being
set
up.
Let
me
just
patch
the
plugin
ID
to
use
later
and
we're
going
to
see
now
what
a
valid
request
looks
like
so,
of
course,
I'm
passing
now
a
valid
body
to
the
path
endpoint,
like
I,
said
we're
using
the
Swagger
Path
store,
so
I'm,
sending
a
post
request
to
the
bat,
endpoint
and
I'm
going
to
pass
a
valid
body.
C
Now,
just
to
see
that
it
returns
a
200,
okay
and
I'm
doing
the
same
with
a
get
request
by
just
fetching
the
pets
that
we
just
posted.
So
we
get
we
that
are,
we
get
our
gorilla
back
with
the
same
ID,
so
we
are
going
to
now
try
to
see
what
happens
when
the
validation
fails,
so
we're
going
to
use
the
same
endpoint
path123
that,
as
we
saw
a
while
ago,
it
expects
a
path
ID
to
be
passed
as
a
required
integer
parameter
here
in
the
path
so
If.
C
Instead
of
passing
a
valid
integer,
I
I,
it
was
any
string,
for
example.
This
should
fail
the
validation
and,
in
fact,
as
you
can
see,
I
hope
you
can
read
it
in
the
message
here.
We
see
a
description
of
this
failure,
so
this
validation
failed
because
the
type
is
wrong.
It
expected
an
integer
and
it
got
a
string,
but,
as
we
saw
a
while
ago,
what
we
can
do,
for
example,
with
this
plugin,
is
to
configure
all
of
these
different
properties
to
change
the
way
the
validation
works.
So,
for
example,
this
last
request
failed.
C
C
And
now
we
have
the
plugin
configured
without
the
URI
parameter,
as
you
can
see
here,
validation.
C
So,
let's
see
something
similar.
This
is
a
valid
request
where
we
are
passing,
as
we
saw
a
while
ago,
a
valid
body,
but
in
our
specification
here
the
pet
that
we're
passing
in
the
body
has
the
name
as
a
required
parameter.
So
now
we
have
the
body
validation
enabled.
So
if
we
remove
the
name
from
here,
we
would
expect
this
to
fail
and
in
fact
we
got
a
for
rendered
by
the
request,
which
explains
that
the
property
name
is
required.
C
We
can
do
something
similar
to
what
we
just
did
disable
the
request
body
validation
in
the
same
plugin,
and
the
same
request
is
going
to
pass
because
this
time
we
don't
basically
do
the
the
body
validation.
So
this
is
going
to
to
the
upstream
and
returning
a
200
okay
response
yeah.
This
is
basically
all
of
the
main
functionalities
I
wanted
to
show
in
this
demo.
C
For
this
plugin
asgan
said
a
while
ago,
it's
also
possible
to
configure
all
of
the
validation
to
report
a
Web
book
with
the
validation
result
and
yeah.
That's
pretty
much
it.
Thank
you.
B
Yeah,
thank
you.
Sami
I
think
now
it's
probably
hand
stamp
to
demo
the
update
and
summer
to
plugin.
B
D
D
So,
let's
start
with
the
cell
plugin.
So
thank
you
again.
My
name
is
Hans
I'm,
a
software
engineer
with
the
home
Gateway
team
and
I'm
going
to
talk
about
the
seml
plugin,
which
is
a
plugin
that
is
used
to
authenticate
web
applications
that
are
deployed
behind
com
web
applications
means
it
always
requires
a
browser
to
be
present
so
that
users
can
go
through
the
IDP
login
flow.
D
The
user
goes
through
the
IDP
login
flow,
and
once
that
is
completed,
they
are
sent
back
to
the
gateway
gateway,
evaluates
the
authentication
result
and
then
sends
the
request
to
the
web
application
server.
So
it's
important
to
understand
that
that
channel
is
really
only
useful
for
web
applications
that
have
a
browser
attached
to
the
user
or
by
the
user.
It
gives
us
a
browser.
D
D
The
configuration
is
like
standard
configuration
where
you
have
to
specify
the
individual
parameters
of
the
sample
provider
in
the
config
that
you
are
sending
to
Kong
the
required
parameters
for
sorry
for
the
quick
scrolling
for
Azure.
Active
directory
are
documented
on
our
page,
so
it
is
relatively
straightforward
following
this,
how
to
style
documentation
to
get
set
up
with
with
a
seml
and
Azure
active
directory.
D
So,
basically,
what
you
do
is
you
create
the
plugin
we
we
have.
We
I've
been
attaching
it
to
what
I
call
the
central
service
here
and
it's
protecting
the
symbol
path.
D
I
have
elided
the
certificate
and
encryption
key
data
and
that
you
have
to
send
when,
when
setting
up
the
service,
so
how
this
looks
like
in
practice
is
when
I
go
to
my
con
installation
to
the
protected
resource
and
realize
I
have
no
session
and
sends
me
to
the
to
Azure
active
directory,
and
here
I
have
to
choose
my
account.
D
D
So
now
what
we
have
here
is,
of
course,
a
session,
and
this
session
is
independent
of
the
sample
session
that
that
we
have,
with
the
provider
it's
possible
to
authenticate
every
request.
So,
if
I
remove
my
session
here
and
reload,
the
thing
then
I
don't
need
to
get
through
the
whole
login
dense,
because
sorry
error
already
has
a
session
for
me
and
they
just
re-establish
it
with
com
foreign.
D
For
those
of
you
who
don't
know
at
Dynamics
is
a
an
application,
Performance
Management
platform,
so
different
parts
of
the
of
an
application
that
is
using
different
servers,
front
and
back-end.
Send
information
to
app
Dynamics
and
app
dynamics.
Consolidates
that
into
a
common
picture
of
requests
that
are
flowing
so
the
com
plugin
for
app
Dynamics,
contributes
to
that
to
that
mechanism
and
sends
information
about
requests
that
are
going
through
Kong
in
the
context
of
a
a
business
transaction
that
is
modeled
in
app
Dynamics.
D
The
configuration
of
the
plur
of
the
app
Dynamics
plugin
is
global
because
we
are
using
the
the
CC
plus
SDK,
which
is
also
mentioned
here.
The
CC
plus
SDK,
delivered
by
Dynamics,
is
a
component
that
we
load
into
the
worker
process
and
that
manages
the
communication
between
the
power
application
and
the
the
app
Dynamics
controller.
D
This
makes
the
installation
of
the
plug-in
a
bit
more
involved
because
for
one
we
cannot
deliver
the
agent
SDK
with
com.
You
need
to
download
it
from
the
Dynamics
site
and
then
the
other,
like
circumstance,
is
that
configuration
of
the
plugin
is
going
through
environment
variables.
So
the
the
the
Kong
environment
needs
to
be
changed
in
order
to
hook
up
the
app
Dynamics
account
with
the
agent.
D
This
means
that
that,
in
effect,
when
configuring,
the
plugin,
it
just
needs
to
be
enabled
there
are
no
parameters
in
the
dynamic
configuration
that
we
have
in
Kong.
Everything
is
going
through
the
common
environment
variables
and
what
I'm
going
to
do
to
demo.
This
is
I'll
just
run
a
script
that
sends
a
couple
of
requests
to
this
configured
instance
of
Kong,
and
then
we
are
going
to
look
at
the
epidemics
UI
to
see
the
requests
that
have
been
flowing.
D
This
409
is
because
the
plugin
was
already
initialized,
so
one
important
aspect
is
to
know
is
that
the
SDK
is
buffering
the
messages
that
we
are
sending.
So
even
though
we
are
sending
requests
through
through
com
now,
and
they
are
also
already
scheduled
to
be
sent
to
app
Dynamics
in
the
app
Dynamics
UI.
If
I
look
here,
we
are
not
going
to
see
them.
D
We
go
to
15
minutes,
so
nothing
is
shown
on
the
scorecard
yet
because
the
messages
are
still
buffered
in
in
the
SDK,
but
I'm
going
to
go
a
bit
back
further
a
bit.
So
so
we
see
some
of
the
transactions
that
have
been
sending
earlier
on.
So
what
we
do
when
sending
business
transactions
to
app
Dynamics
is
we
we
normally
just
send
business
transactions
and
only
if
we
detect
an
error
state
from
the
Upstream
server
like
a
non-positive
non-2
x,
x,
response.
D
We
report
that
as
an
error,
so,
for
example,
I
have
one
error
here.
That
is
a
404
error.
Let
me
see
does
not
exist
sorry,
so
we,
the
the
app
stream
server,
has
returned
a
404
and
now
in
in
app
Dynamics,
we
can
see
this
404
error
and
then
we
also
monitor
execution
or
well
response
time
of
the
Upstream
server.
So
if
the
Upstream
server
is
responding
very
slowly
like
in
the
minutes,
then
we
report
that
also.
D
This
is
basically
what
I
can
show
for
this
plugin.
Thank
you.
B
Yeah
sense
has
so
I
think
we
back
to
the
Q
a
session.
Let
me
read
out
to
the
questions.
Currently
we
got
in
the
Q.
A
the
first
question
is
from
Jim.
What
is
the
Gateway
overhead
scale
and
performance
with
the
OS
stack,
validation,
plugin
Jim?
To
be
honest,
I
don't
have
the
latest
figures
about
the
latency
I
did
or
memory
used
whatsoever,
but
based
on
man
standing.
B
We
probably
will
test
it
out
and
get
some
feelings.
However,
this
is
purely
based
on
how
big
you
just
in
payload
is
and
how
complex
it
is.
So
I
can
only
say
it's,
probably
as
normal
or
fairly
low,
but
I.
B
You
enough
feedback.
The
second
one
is:
there's
a
mock
plugin,
it's
also
from
Jim.
Does
the
mob
plugin
return
Dynamic
response
based
on
the
requested
body,
this
one
I,
don't
think
so,
because
in
the
mock
plugin
we
do
not
implement
they
the
API
logically,
so
the
request
shouldn't
make
any
difference,
especially
request.
Payloads
didn't
make
any
difference
to
the
response
examples
to
returned.
B
The
key
is
actually
the
Past
coming
in
to
this
API
Mock
and
also
the
headers.
Let
me
share
my
screen.
Probably
that
will
make
more
sense.
B
Yeah,
if
you
can
see
my
screen
here,
we
actually
do
is
we're
actually
sending
a
header
say:
x-con
mock
status
code
header.
So
when
we
ping
a
endpoint
of
the
API
at
the
same
time,
we
will
give
you
a
parameters
in
the
header.
Say:
yeah
return
me
the
500
examples.
B
Then
they
actually
return
the
examples
you
write
in
your
definitions,
the
whole
thing
you
have
specs
and
simile.
We
can
actually
give
you
an
example
ID,
for
example.
Here
you,
you
can
have
two
values
to
return
either
power
or
Sasha,
but
you
can
actually
Define
this
in
a
header,
so
the
particular
example
will
be
returned,
so
I
think
it's
based
on
two
things.
One
thing
is
the
header
value
you're
sending
the
other
thing
is
obviously
the
URL
use,
email
plugin.
So
the
request
body
is
not
the
determined
Factor.
B
Yeah
the
summer
one
from
John
Williams.
Why
are
we
pass
it
through?
The
conga
in
the
examples
you
list
about
here?
Is
a
user
already
being
authenticated
and
they're
having
a
summer
token
either.
B
So
if
that
user
is
going
to
make
an
API
call
to
com,
obviously
con
need
to
be
able
to
do
is
to
open
up
that
summer
token
and
be
able
to
interpret
it
to
say
yeah
whether
this
user
is
actually
the
user
they
claim
to
be,
or
actually
this
token
is
issued
by
the
idps
on
its
first
point
fasting,
so
I
think
even
the
scenarios
you
imagine
here
will
actually
need
someone
to
token
to
be
in
place.
B
Otherwise
con
will
not
understand
your
summer
token
and
the
Hans
demo
thing
is
the
SP
initiated
similar
to
authentication
flow
so
which
it
literally
means
cone
will
be
the
first
hit
point
and
that
time
customer
hasn't
got
a
Sumo
token.
In
the
request
header,
then
custom
will
be
directly
back
on
to
do
the
authentication.
What
you
mentioned
is
actually
the
IDP
initiated,
authentication
flow,
so
those
needs
some
of
the
tokens
be
in
place.
B
Falcon
to
be
able
to
interpret
and
validate
this
summer
to
token
is
indeed
a
valid
token
and
the
user
is
a
value
user
to
be
authenticated
so
for
both
I
think
can't
need
this
plugin
to
be
able
to
understand
someone
to
talk.
Hopefully
that
address
your
question
John
next
one
is
the
update.
What
kind
of
performance
impact
can
we
expect
that's
from
action?
B
B
The
reason
for
that
is
because
we're
actually
using
the
native
C
plus
plus
SDK,
provided
by
update
so
cone
plugin,
is
actually
talking
to
the
update
native
C
plus
SDK
agent,
and
the
agent
is
not
going
to
Simply
understand
the
informations
to
the
controller,
but
they
will
buff
it
up
and
you
can
actually
config
an
interval
say
how
often
the
SDK
is
going
to
stand
those
informations
to
controller
so
from
cone
to
that
SDK
locally
is
asynchronous
and
more
or
less
like
stately
sync
underscore,
but
when
this
SDK
is
summed
up
the
transactions,
they
actually
send
it
constantly
in
batch.
B
So
so,
with
this
architecture
in
place,
the
performance
is,
you
know
nearly
now
impact
we're
actually
tested
with
a
very
big
Bank.
It's
probably
added
about
you
know
sometimes
seven
milliseconds
or
20
milliseconds
or
40
milliseconds.
B
Next
one
is
from
shashanks
if
I
pronounce
your
name.
You
know
sorry
about
that.
If
the
response
validation
is
turned
on
in
OAS,
validation
planning,
what
HTTP
status
code
and
error
message
is
returned
by
com.
In
case
of
error,
this
one
I
think.
B
Know
to
be
honest,
okay,
next
question:
oh
yeah,
we
don't
have
any
open
questions.
I
guess
we
answer
all
of
them.
A
A
A
No
worries
cool,
well,
I,
think
that
was
all
of
the
questions.
Thank
you
so
much
gank
Sam.
Hence
you
guys
were
awesome.
Thank
you
very
much.
That
was
our
last
user
call
for
2022
and
yeah
I
want
to
wish
all
of
you
the
great
great
rest
of
the
Year.
Merry
Christmas
happy
New
Year,
if
you're
celebrating-
and
we
hope
to
see
you
in
2023
for
all
of
our
next
events,
bye.