Public Ideas Portal
What is the impact? : Since to map the user details customer is asked to use the Kong Konnect API over the Global URL and it could be a risk as the user details which are in customer's Konnect interfaces could be accessible to people from outside of the customer's network if Konnect API’s are not restricted.
What challenge would this feature resolve? It's more of a security concern for the user data could be easily accessed from outside and we might need to restrict the access to customer's Konnect APIs over the internet.
The above information was sent from the customer - currently, their environment is on-prem and they're looking for a private connection when they call on global.api.konghq.com to get user details that map to Principal ID to enhance the audit logs.
