Cannot restrict routes to specific consumers via auth plugins

[shubhshah01]

Is there an existing issue for this?

• I have searched the existing issues

Kong version ($ kong version)

3.6

Current Behavior

Say I have 2 consumers each with one JWT credential configured. And I have 2 routes, now when i add JWT plugin for the route i cannot specify the consumer ID as it gives schema violation error (since in plugin schema its not allowed).
Hence the route is accessible by both consumers i.e. via both JWT token.

Expected Behavior

I want a route to be scoped to specfic consumer and if token received is not a valid token considering the scoped consumer, then it should block the request.

Steps To Reproduce

No response

Anything else?

No response

[StarlightIbuki]

@oowl This sounds like a bug fixed by you. Do you have any idea?

[shubhshah01]

@oowl do you have any insights or suggestions on how I could address this issue?

[Water-Melon]

Perhaps you could try using it with the ACL plugin to achieve this goal.