# Using Kong Konnect (Kong only)
{% hint style="warning" %}
The new Kong integration using Lua-based attachment plugin for the open-appsec integration is currently in beta. This also applies to the new Kong Konnect schema allowing you to manage this plugin directly from Kong Konnect web UI.
{% endhint %}
### Learn how to activate and configure the open-appsec WAF attachment plugin for Kong from Kong Konnect, Kong's central management web UI
If you are using open-appsec WAF integrated with Kong using the modern, Lua-based plugin (not the classical open-appsec attachment plugin, which integrates on NGINX level), then you can also activate and manage the open-appsec attachment plugin for Kong from Kong Konnect.
{% hint style="warning" %}
While Kong Konnect can be used to activate and manage the Lua-based open-appsec attachment plugin, note that you will continue to manage open-appsec in the usual ways, with local, declarative configuration or by using the [open-appsec web UI](https://my.openappsec.io/).
{% endhint %}
1. **Download the Kong Konnect schema** for the open-appsec attachment plugin:
```bash
wget https://raw.githubusercontent.com/openappsec/attachment/main/attachments/kong/plugins/open-appsec-waf-kong-plugin/schema.lua
```
2. **Login to your Kong Konnect web UI**
3. **Upload the schema file** `schema.lua` for the open-appsec-waf-kong-plugin
Now you should see the open-appsec-waf-kong-plugin listed under "Custom Plugins" in Kong Konnect.
4. **Activate the plugin** in the Kong Konnect web UI by selecting "Enable", then you get to this screen:
Once enabled, the plugin is configured to be applied in "Global" mode by default, which means it will send all traffic to the open-appsec agent for security inspection, alternatively you can select "Scoped" mode here and apply open-appsec security inspection in a custom way only to e.g. to a selected Gateway Service, Route, Consumer or Consumer Group:
For more info on how to use Kong Konnect, see also the official docs available here:
