Kong Outage History

Kong is up right now

There were 17 Kong outages since February 2, 2026 totaling 594h 2m of downtime. Each is summarised below — incident details, duration, and resolution information.

Source: https://kong.statuspage.io

Major April 10, 2026

Loss of analytics payload from data plane node (US Only)

Detected by Pingoru
Apr 10, 2026, 06:07 PM UTC
Resolved
Apr 10, 2026, 09:11 PM UTC
Duration
3h 4m
Affected: Kong Konnect Cloud
Timeline · 5 updates
  1. investigating Apr 10, 2026, 06:07 PM UTC

    Some analytics data in the US may be experiencing data loss. We are currently investigating the cause of this issue and will provide updates as they become available.

  2. identified Apr 10, 2026, 06:21 PM UTC

    We have identified the issue and are working on a fix

  3. identified Apr 10, 2026, 06:41 PM UTC

    We have a fix and are rolling the change out. We will begin monitoring the situation closely and will provide another update once the rollout is complete.

  4. monitoring Apr 10, 2026, 07:00 PM UTC

    We have rolled out the fix and will continue monitoring the situation. The system is now functioning as expected, but we are keeping a close eye on performance to ensure stability. We will provide another update if any issues arise.

  5. resolved Apr 10, 2026, 09:11 PM UTC

    This incident has been resolved.

Read the full incident report →

Notice April 9, 2026

OIDC tls_client_auth_ssl_verify field defaulted to `false` for new updates not explicitly setting the property

Detected by Pingoru
Apr 09, 2026, 06:06 PM UTC
Resolved
Apr 09, 2026, 06:06 PM UTC
Duration
Affected: Kong Konnect Cloud
Timeline · 1 update
  1. resolved Apr 09, 2026, 06:06 PM UTC

    Customers running 3.13 and below who use the OIDC plugin with `tls_client_auth_ssl_verify` unset would have seen this value change to `false` if they updated the config after the rollback of new defaults following the 3.14 release. The rollback incorrectly flipped the oidc plugin tls_client_auth_ssl_verify to false as a default, which was not one of the items recently switched to default true and has instead been defaulted true for some time. We have rolled out a fix to prod to change this default back to true. Updates to the OIDC plugin should once again keep this value set to true if not specifically defined.

Read the full incident report →

Major April 8, 2026

Konnect Control Plane Default Changes due to 3.14 Release and Secure by Default

Detected by Pingoru
Apr 08, 2026, 04:20 PM UTC
Resolved
Apr 08, 2026, 09:33 PM UTC
Duration
5h 13m
Affected: Kong Konnect Cloud
Timeline · 3 updates
  1. investigating Apr 08, 2026, 04:20 PM UTC

    With the release of 3.14 and changes to default security settings for Kong’s secure by default initiatives, Konnect customers running dataplanes less than 3.14 and updating certain plugins without providing overrides to the new defaults began experiencing the following issues: Konnect would begin reporting that a default had been overridden that did not apply to the connected dataplane. This is a warning that Konnect gives when the configuration on Konnect control plane appears to have user-defined changes that do not apply to the dataplane version the customer is using. This message is provided to avoid a user configuring properties on a plugin that their dataplane would not utilize, to make it clear to users why a new field isn’t taking effect. Since our defaults changed, this caused the reporting in some cases to see this as an ‘override’ if the configuration didn’t match the new default, causing the message. This had no impact on dataplane configurations or behavior, but it was a confusing message, and we have removed it. The second and more impactful issue is the updating of default values in 3.14. After the 3.14 release, some fields like ssl_verify and hide_credentials in various entities started defaulting to true instead of false . This is causing customers who run a deck sync without these fields defined, will see their config values change from false to true which is an issue. Konnect is working on rolling back to the old default values. Once the default values are restored on the API, the next time the config is updated without the default values, the previous values will be applied. Plugins using ssl_verify: ace acme ai-aws-guardrail ai-azure-content-safety ai-llm-as-judge ai-proxy-advanced ai-rag-injector ai-rate-limiting-advanced ai-request-transformer ai-response-transformer ai-semantic-cache ai-semantic-prompt-guard ai-semantic-response-guard aws-lambda azure-functions basic-auth confluent confluent-consume datakit forward-proxy graphql-proxy-cache-advanced graphql-rate-limiting-advanced header-cert-auth http-log jwt-signer kafka-consume kafka-log kafka-upstream ldap-auth ldap-auth-advanced mtls-auth opa openid-connect proxy-cache-advanced rate-limiting rate-limiting-advanced request-callout response-ratelimiting saml service-protection tcp-log upstream-oauth Plugins using hide_credentials: Key-auth Key-auth-enc Basic-auth Hmac-authldap-auth Oauth2 Oauth2-introspection vault-auth (EE) ldap-auth-advanced (EE)

  2. identified Apr 08, 2026, 04:20 PM UTC

    The issue has been identified and a fix is being implemented.

  3. resolved Apr 08, 2026, 09:33 PM UTC

    We have completed the rollback to the original default values. Customers applying their configurations without explicitly defining ssl_verify and hide_credentials will default to `false` again.

Read the full incident report →

Notice April 2, 2026

Some Dataplanes could incorrectly show mismatches between expected_hash and their config version

Detected by Pingoru
Apr 02, 2026, 09:47 PM UTC
Resolved
Apr 02, 2026, 07:00 PM UTC
Duration
Timeline · 1 update
  1. resolved Apr 02, 2026, 09:47 PM UTC

    On 4/2/2026. Konnect introduced a change as part of our 'secure by default' initiatives for the upcoming 3.14 release, which caused expected_hash syncing issues for some customers' data planes. For background, when a data plane connects to the Konnect control plane, the configuration is produced for that specific version of the Kong gateway. A configuration hash is calculated based off of the produced config, and stored as the expected config hash. When configuration changes occur, the control plane calculates the new configuration, broadcasts it to the connected data planes, and updates to the new expected hash. The issue here was the preparation of the control plane for supporting SHA256 to store credential hashes. When this change was introduced, it resulted in a minor structural difference in the produced configuration, but no actual change to the configurations occurred. This led to the same configuration yielding a different hash before and after the deploy. The way this could get a data plane to report 'out of sync' was the following: - A data plane is connected and in sync with DP hash and Expected Config Hash `a111111a` - The data plane is disconnected/reconnected, and since it is still in sync with DP hash and Expected Config Hash `a111111a`, a new config is not calculated - The change to embed SHA256 support in the control plane is deployed - A new data plane connects with no config loaded, and reports an empty config to the Control Plane - The control plane generates the slightly altered config, and ends up with a new config hash, which updates the expected config hash to `b22222b` - Since no configuration change occurred, the data planes already connected and on `1aaaaaa1` would not have been pushed a change event, and would still be running the same configuration as `b222222b` but the hash would not match, causing the DPs to appear out of sync Note: Once *any* change to the control plane configuration occurred, a new config event would have been delivered, and all previous data planes would have been updated to the hash based on the new structure. Additionally, if an impacted data plane were to disconnect and reconnect, they also would have been brought into sync with the new hash. The issue was the system failing to consider the new hash as an 'event' since it did not change configured proxy behavior. To address this in the short term, the Konnect engineering team has ensured structural changes like this which result in a config hash will trigger a configuration change event, even when no config has changed. To address this in the long term, Konnect is moving to a config version tracking methodology that will not be impacted by structural, non-behavioral changes as the hash is.

Read the full incident report →

Notice April 1, 2026

Interacting with PATs in a degraded state

Detected by Pingoru
Apr 01, 2026, 07:18 PM UTC
Resolved
Apr 01, 2026, 08:17 PM UTC
Duration
59m
Affected: Kong Konnect Cloud
Timeline · 3 updates
  1. monitoring Apr 01, 2026, 07:18 PM UTC

    Creating, Reading, & Deleting PATs through the API & UI is degraded. This does not impact authentication with PATs.

  2. monitoring Apr 01, 2026, 07:19 PM UTC

    The issue has been resolved and we are now monitoring.

  3. resolved Apr 01, 2026, 08:17 PM UTC

    This incident has been resolved.

Read the full incident report →

Notice April 1, 2026

Some Dataplanes Incorrectly Reporting Out of Sync

Detected by Pingoru
Apr 01, 2026, 06:30 AM UTC
Resolved
Apr 01, 2026, 06:30 AM UTC
Duration
Affected: Kong Konnect Cloud
Timeline · 1 update
  1. resolved Apr 02, 2026, 09:49 PM UTC

    On 4/2/2026. Konnect introduced a change as part of our 'secure by default' initiatives for the upcoming 3.14 release, which caused expected_hash syncing issues for some customers' data planes. For background, when a data plane connects to the Konnect control plane, the configuration is produced for that specific version of the Kong gateway. A configuration hash is calculated based off of the produced config, and stored as the expected config hash. When configuration changes occur, the control plane calculates the new configuration, broadcasts it to the connected data planes, and updates to the new expected hash. The issue here was the preparation of the control plane for supporting SHA256 to store credential hashes. When this change was introduced, it resulted in a minor structural difference in the produced configuration, but no actual change to the configurations occurred. This led to the same configuration yielding a different hash before and after the deploy. The way this could get a data plane to report 'out of sync' was the following: - A data plane is connected and in sync with DP hash and Expected Config Hash `a111111a` - The data plane is disconnected/reconnected, and since it is still in sync with DP hash and Expected Config Hash `a111111a`, a new config is not calculated - The change to embed SHA256 support in the control plane is deployed - A new data plane connects with no config loaded, and reports an empty config to the Control Plane - The control plane generates the slightly altered config, and ends up with a new config hash, which updates the expected config hash to `b22222b` - Since no configuration change occurred, the data planes already connected and on `1aaaaaa1` would not have been pushed a change event, and would still be running the same configuration as `b222222b` but the hash would not match, causing the DPs to appear out of sync Note: Once *any* change to the control plane configuration occurred, a new config event would have been delivered, and all previous data planes would have been updated to the hash based on the new structure. Additionally, if an impacted data plane were to disconnect and reconnect, they also would have been brought into sync with the new hash. The issue was the system failing to consider the new hash as an 'event' since it did not change configured proxy behavior. To address this in the short term, the Konnect engineering team has ensured structural changes like this which result in a config hash will trigger a configuration change event, even when no config has changed. To address this in the long term, Konnect is moving to a config version tracking methodology that will not be impacted by structural, non-behavioral changes as the hash is.

Read the full incident report →

Critical March 19, 2026

Dev Portals unreachable in ME region

Detected by Pingoru
Mar 19, 2026, 04:30 PM UTC
Resolved
Mar 19, 2026, 06:56 PM UTC
Duration
2h 25m
Affected: Kong Konnect Cloud
Timeline · 4 updates
  1. investigating Mar 19, 2026, 04:30 PM UTC

    We are investigating an issue with Dev Portals in ME region.

  2. monitoring Mar 19, 2026, 04:36 PM UTC

    Dev Portals have recovered in the ME region. We are continuing to monitor the situation.

  3. monitoring Mar 19, 2026, 04:39 PM UTC

    We are continuing to monitor for any further issues.

  4. resolved Mar 19, 2026, 06:56 PM UTC

    This incident has been resolved.

Read the full incident report →

Critical March 18, 2026

Degradation in ME region impacting DevPortal, Debugger, and node listing.

Detected by Pingoru
Mar 18, 2026, 08:13 PM UTC
Resolved
Mar 18, 2026, 08:45 PM UTC
Duration
31m
Affected: Kong Konnect Cloud
Timeline · 4 updates
  1. investigating Mar 18, 2026, 08:13 PM UTC

    We are investigating possible degradation in the ME region that may be impacting Debugger and node listing.

  2. identified Mar 18, 2026, 08:45 PM UTC

    We have identified the issue and are taking action to remove the affected instance.

  3. monitoring Mar 18, 2026, 08:46 PM UTC

    We have corrected the issue and are actively monitoring the situation.

  4. resolved Mar 19, 2026, 07:38 PM UTC

    This incident has been resolved.

Read the full incident report →

Minor March 8, 2026

Konnect Singapore Region - Partial Degradation - Portal Emails and Application Registration Delayed

Detected by Pingoru
Mar 08, 2026, 08:23 PM UTC
Resolved
Mar 08, 2026, 11:39 PM UTC
Duration
3h 15m
Affected: Kong Konnect Cloud
Timeline · 4 updates
  1. investigating Mar 08, 2026, 08:23 PM UTC

    The team is scaling up the message handling infrastructure to process the backlog. However, ongoing maintenance by our cloud service provider in the area is impacting our ability to scale the infrastructure. We will update as we are able to take further actions.

  2. monitoring Mar 08, 2026, 09:29 PM UTC

    The cloud server provider has completed the maintenance. The message handling infrastructure is operating as expected and the backlog has been processed. We are continuing to monitor.

  3. monitoring Mar 08, 2026, 10:34 PM UTC

    We are continuing to monitor for further issues with message processing.

  4. resolved Mar 08, 2026, 11:39 PM UTC

    This incident has been resolved.

Read the full incident report →

Major March 4, 2026

Kong Identity is unable to mint tokens in all regions

Detected by Pingoru
Mar 04, 2026, 10:09 PM UTC
Resolved
Mar 04, 2026, 11:00 PM UTC
Duration
51m
Affected: Kong Konnect Cloud
Timeline · 5 updates
  1. identified Mar 04, 2026, 10:09 PM UTC

    Kong Identity is unable to mint tokens in all regions. The team has identified the issue and is applying a fix.

  2. identified Mar 04, 2026, 10:09 PM UTC

    We are continuing to work on a fix for this issue.

  3. identified Mar 04, 2026, 10:30 PM UTC

    Fix has been applied for all auth servers in the US and EU. Updating other regions currently.

  4. monitoring Mar 04, 2026, 10:35 PM UTC

    The fix has been applied to all regions. We are actively monitoring.

  5. resolved Mar 04, 2026, 11:00 PM UTC

    This incident has been resolved.

Read the full incident report →

Notice March 3, 2026

Increase in dropped dataplane connections and re-connections on US Konnect Control Plane

Detected by Pingoru
Mar 03, 2026, 05:23 PM UTC
Resolved
Mar 03, 2026, 03:30 PM UTC
Duration
Timeline · 1 update
  1. resolved Mar 03, 2026, 05:23 PM UTC

    From 15:25z to 15:35z, the Konnect Control Plane saw an increase in dropped connections and re-connections in the US region from connected dataplanes. Dataplanes automatically re-connect when a connection is dropped, so there should be no observed impact, but customers may have noticed an increase in log volume if re-connections were occurring during this window.

Read the full incident report →

Minor February 25, 2026

Delays in propagating Access Control Enforcement (ACE) changes to Dataplanes in US Region

Detected by Pingoru
Feb 25, 2026, 12:17 PM UTC
Resolved
Feb 25, 2026, 02:57 PM UTC
Duration
2h 39m
Affected: Kong Konnect Cloud
Timeline · 4 updates
  1. investigating Feb 25, 2026, 12:17 PM UTC

    In the US Region of Konnect, changes relating to the ACE plugin are being delayed in their delivery to customer data planes. The changes that are delayed are: - Changes to ACE-managed API entity operations - App registrations to ACE-managed APIs

  2. investigating Feb 25, 2026, 12:21 PM UTC

    We are continuing to investigate this issue.

  3. monitoring Feb 25, 2026, 12:50 PM UTC

    A fix has been implemented, and the delays in delivery have been resolved. We are continuing to monitor the issue.

  4. resolved Feb 25, 2026, 02:57 PM UTC

    The issue has been resolved. Delivery is now operating as expected.

Read the full incident report →

Major February 23, 2026

Partial Outage on Konnect Control Plane

Detected by Pingoru
Feb 23, 2026, 11:32 AM UTC
Resolved
Feb 23, 2026, 11:51 AM UTC
Duration
19m
Affected: Kong Konnect Cloud
Timeline · 3 updates
  1. investigating Feb 23, 2026, 11:32 AM UTC

    We are currently investigating a partial outage affecting the control plane in the US region. While some API requests are processing successfully, please note that configuration changes are not currently propagating to data plane nodes. Existing traffic on the data plane remains unaffected.

  2. monitoring Feb 23, 2026, 11:43 AM UTC

    A fix has been implemented and configuration changes are now propagating correctly to data plane nodes

  3. resolved Feb 23, 2026, 11:51 AM UTC

    This incident has been resolved.

Read the full incident report →

Minor February 20, 2026

Elevated error rate on Search and Analytics APIs

Detected by Pingoru
Feb 20, 2026, 02:51 PM UTC
Resolved
Feb 20, 2026, 05:35 PM UTC
Duration
2h 44m
Affected: Kong Konnect Cloud
Timeline · 4 updates
  1. investigating Feb 20, 2026, 02:51 PM UTC

    In the US geo, some users are experiencing an elevated error rate on some search and analytics APIs

  2. identified Feb 20, 2026, 03:52 PM UTC

    The issue has been identified and a fix is being implemented.

  3. monitoring Feb 20, 2026, 05:06 PM UTC

    A fix has been implemented and we are monitoring the results.

  4. resolved Feb 20, 2026, 05:35 PM UTC

    This incident has been resolved.

Read the full incident report →

Notice February 11, 2026

Login page display degradation for some users - Login capability unaffected

Detected by Pingoru
Feb 11, 2026, 01:14 AM UTC
Resolved
Feb 11, 2026, 06:17 AM UTC
Duration
5h 2m
Affected: Kong Konnect Cloud
Timeline · 3 updates
  1. identified Feb 11, 2026, 01:14 AM UTC

    Some users may experience visual rendering issues on the Konnect login page, causing the page to appear broken or improperly formatted. Login functionality remains operational - users can still successfully authenticate despite the degraded appearance. The issue is intermittent and may resolve upon page refresh.

  2. monitoring Feb 11, 2026, 04:32 AM UTC

    A fix has been implemented and we are monitoring the results.

  3. resolved Feb 11, 2026, 06:17 AM UTC

    This incident has been resolved.

Read the full incident report →

Minor February 8, 2026

Provisioning failures for serverless gateways

Detected by Pingoru
Feb 08, 2026, 11:13 AM UTC
Resolved
Feb 09, 2026, 10:21 AM UTC
Duration
23h 7m
Affected: Kong Konnect Cloud
Timeline · 4 updates
  1. investigating Feb 08, 2026, 11:13 AM UTC

    We are currently investigating an issue with provisioning of new serverless gateways.

  2. identified Feb 08, 2026, 12:28 PM UTC

    The issue has been identified and a fix is being deployed.

  3. monitoring Feb 08, 2026, 12:33 PM UTC

    A fix has been implemented and serverless gateways are now provisioning normally. We will continue to monitor the issue.

  4. resolved Feb 09, 2026, 10:21 AM UTC

    This incident has been resolved.

Read the full incident report →

Major February 2, 2026

Proactive notification: Rolling out a new permissions system for Konnect

Detected by Pingoru
Feb 02, 2026, 08:33 PM UTC
Resolved
Feb 25, 2026, 12:20 PM UTC
Duration
22d 15h
Affected: Kong Konnect Cloud
Timeline · 2 updates
  1. monitoring Feb 02, 2026, 08:33 PM UTC

    We are progressively rolling out a new permissions system for Konnect. We are actively monitoring the rollout and don't expect customers to experience any access issues. Please contact support if you experience any issues.

  2. resolved Feb 25, 2026, 12:20 PM UTC

    This incident has been resolved.

Read the full incident report →

Looking to track Kong downtime and outages?

Pingoru polls Kong's status page every 5 minutes and alerts you the moment it reports an issue — before your customers do.

  • Real-time alerts when Kong reports an incident
  • Email, Slack, Discord, Microsoft Teams, and webhook notifications
  • Track Kong alongside 5,000+ providers in one dashboard
  • Component-level filtering
  • Notification groups + maintenance calendar
Start monitoring Kong for free

5 free monitors · No credit card required