The concept of zero-trust security is relatively simple. In essence, no entity or system should have trust by default. You should assume that any system you are talking to is not trustworthy until you establish otherwise. Within Kong Konnect, one mechanism to apply zero-trust is the OpenID Connect API gateway plugin. In this post and the below recording from our recent Destination: Zero-Trust virtual event, I’ll cover OpenID at a high level and some of its applications and use cases.