Adding tutorials for integrating Asgardeo with KONG and WSO2 AI Gateways for agent identity management

[AkinduH]

Purpose

This pull request adds two new end-to-end tutorials to the Asgardeo documentation, focusing on integrating Asgardeo with both WSO2 AI Gateway and Kong AI Gateway for agent identity-aware access control. These tutorials provide detailed, step-by-step guides for securely managing non-human agents in multi-agent AI systems, including configuration of identity, roles, scopes, routing, authorization, and rate limiting.

New Tutorials and Documentation Updates:

• Added links to two new tutorials in the main tutorials index: "Integrating Asgardeo With WSO2 AI Gateway for Agent Identity-Aware Access Control" and "Integrating Asgardeo With Kong AI Gateway for Agent Identity-Aware Access Control".

• Added new tutorial files that include the respective content for integrating Asgardeo with WSO2 AI Gateway (integrating-asgardeo-with-wso2-ai-gateway-for-agent-identity-aware-access-control.md) and Kong AI Gateway (integrating-asgardeo-with-kong-ai-gateway-for-agent-identity-aware-access-control.md). [1] [2]

Tutorial Content Additions:

• Created comprehensive, illustrated guides for both integrations, covering:
  • Use case scenarios for multi-agent AI systems in enterprise support.
  • Step-by-step Asgardeo configuration for agent identities, roles, and scopes.
  • Detailed gateway configuration (WSO2 Bijira and Kong Konnect), including API proxies/services, routing, authorization policies, and rate limiting.
  • Instructions for testing the integrations with a sample repository. [1] [2]

Summary by CodeRabbit

• Documentation
  • Added a step-by-step tutorial for integrating Asgardeo with the WSO2 AI Gateway for agent identity-aware access control, including configuration and verification guidance.
  • Added a step-by-step tutorial for integrating Asgardeo with the Kong AI Gateway for agent identity-aware access control.
  • Updated the Tutorials index to link both new integration guides and related resources.

[coderabbitai]

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

• @coderabbitai resume to resume automatic reviews.
• @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

• ▶️ Resume reviews
• 🔍 Trigger review

Walkthrough

Adds two tutorial pages and corresponding include files documenting integration patterns between Asgardeo and the Kong and WSO2 AI Gateways for agent identity-aware access control (architecture, Asgardeo setup, gateway configuration, and verification).

Changes

Cohort / File(s)	Summary
Tutorial Index en/asgardeo/docs/tutorials/index.md	Added links to the Kong and WSO2 AI Gateway integration tutorials.
Kong AI Gateway (template + include) en/asgardeo/docs/tutorials/integrating-asgardeo-with-kong-ai-gateway-for-agent-identity-aware-access-control.md, en/includes/tutorials/integrating-asgardeo-with-kong-ai-gateway-for-agent-identity-aware-access-control.md	New template sets product_name = "Asgardeo" and an included tutorial fragment provides a full guide: use case, architecture, Asgardeo configuration (app, roles, agent registration), Kong setup (service, two header-routed routes, OIDC per route, AI Proxy plugins, token stripping transformer), and rate-limiting/model budget controls.
WSO2 AI Gateway (template + include) en/asgardeo/docs/tutorials/integrating-asgardeo-with-wso2-ai-gateway-for-agent-identity-aware-access-control.md, en/includes/tutorials/integrating-asgardeo-with-wso2-ai-gateway-for-agent-identity-aware-access-control.md	New template sets product_name = "Asgardeo" and an included tutorial fragment provides a full guide: use case, architecture, Asgardeo configuration (application, scopes/roles, agent registration), WSO2 AI Gateway proxy and policy setup, Asgardeo as external IdP, resource-level policies, token-based rate limiting, and verification steps with sample repo links.

Sequence Diagram(s)

mermaid
sequenceDiagram
participant Client
participant AI_Gateway as AI Gateway
participant Asgardeo
participant Model as Model Provider
Client->>AI_Gateway: Send request with agent token + headers
AI_Gateway->>Asgardeo: Validate token / introspect / fetch roles
Asgardeo-->>AI_Gateway: Token validity and role/scope claims
AI_Gateway->>AI_Gateway: Apply route-specific plugins (OIDC, AI Proxy, rate limits)
AI_Gateway->>Model: Forward transformed request (budgeted)
Model-->>AI_Gateway: Model response
AI_Gateway-->>Client: Return response

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Poem

🐰 I hopped through docs with a curious nose,
Two gateways taught me how agent-auth flows.
Tokens checked and routes aligned,
Roles and budgets neatly signed —
A little nibble of secure repose.

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The description covers Purpose with comprehensive details but lacks required sections: Related PRs, Test environment, and Security checks from the template.	Add Related PRs, Test environment, and Security checks sections to match the repository's required PR description template.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly summarizes the main change: adding two tutorials for integrating Asgardeo with KONG and WSO2 AI Gateways for agent identity management.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🤖 Fix all issues with AI agents

In
`@en/includes/tutorials/integrating-asgardeo-with-wso2-ai-gateway-for-agent-identity-aware-access-control.md`:
- Line 110: Replace the grammatically incorrect phrase "the both proxies" in the
sentence that reads "Make sure you configure Backend Settings and Deploy the
both proxies to development and Production Environments." with "both proxies"
(e.g., change to "Make sure you configure Backend Settings and deploy both
proxies to Development and Production environments.") and normalize
capitalization of "deploy" and "environments" to match surrounding style.
- Line 166: The link to WSO2 Bijira guardrails in the sentence containing the
URL "https://wso2.com/bijira/docs/create-api-proxy/third-party-apis/guardrails/"
is returning HTTP 403; either replace it with a correct public documentation
URL, add a note that the page requires special access/credentials, or remove the
link and provide an alternative public reference or an inline summary of the
guardrails; update the sentence in the markdown file to use the corrected URL or
the access note so users are not led to a forbidden page.

[coderabbitai]

Actionable comments posted: 2

🤖 Fix all issues with AI agents

In
`@en/includes/tutorials/integrating-asgardeo-with-wso2-ai-gateway-for-agent-identity-aware-access-control.md`:
- Around line 104-107: Replace the incorrect model name "gpt-4o mini" with the
hyphenated Azure model ID `gpt-4o-mini` wherever it appears in the tutorial (the
line listing models alongside `gpt-5`), so API calls/configuration references
use the correct `gpt-4o-mini` identifier expected by Azure OpenAI and WSO2
Bijira's AI Gateway.
- Around line 45-47: Replace the current guidance that adds "Allowed grant
types: Password", enables the "public client", and uses the Password grant for
agent auth with instructions to use the Client Credentials (M2M) flow: register
the agent in the Asgardeo Console as an M2M application, enable the Client
Credentials grant type instead of Password, do not make it a public client,
securely persist the Agent ID and secret, and request tokens with
grant_type=client_credentials and the appropriate scopes; keep the "Access Token
type" as JWT and map required roles via "Access Token Attributes" when issuing
the token.

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In
`@en/includes/tutorials/integrating-asgardeo-with-wso2-ai-gateway-for-agent-identity-aware-access-control.md`:
- Around line 97-98: Replace the phrase "back-end Settings" with "backend
settings" in the list item text (the sentence starting "After creation,
configure ... and deploy it to Development and Production Environments.");
ensure the casing matches surrounding style (lowercase "backend settings") and
leave "Development" and "Production Environments" as-is unless other style
guidance requires change.