key-auth
This works well with a Consumer. Consumers of the API can then add their key to the query string or the header to authenticate their requests.
For Consumer:
NOTE: encrypt_fields = {"key"} is also defined in the schema, which means that the field will be stored encrypted in etcd. See .
For Route:
Name | Type | Requirement | Default | Valid | Description |
---|---|---|---|---|---|
header | string | optional | apikey | | The header to get the key from. |
query | string | optional | apikey | | The query string to get the key from. Lower priority than header. |
hide_credentials | bool | optional | false | | Apache APISIX will pass the request header or query string that contains the authentication information to the Upstream if hide_credentials is false. Otherwise the authentication information will be removed before proxying. |
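The following Python sketch models the Route options in the table above: header before query string, and credential removal when hide_credentials is true. It is an added example, not APISIX source code; the consumer name and key are constructed samples, and stripping only the location the key was read from is an assumption of this model.

```python
# Added illustration: a simplified model of the documented key-auth options,
# not APISIX code. Consumer name and key below are constructed samples.
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

CONSUMERS = {"sample-key-1": "sample-consumer"}  # key -> consumer name


def key_auth(url, headers, conf=None):
    """Return (status, consumer, upstream_url, upstream_headers)."""
    conf = conf or {}
    header = conf.get("header", "apikey").lower()
    query = conf.get("query", "apikey")
    hide = conf.get("hide_credentials", False)

    parts = urlsplit(url)
    params = parse_qsl(parts.query, keep_blank_values=True)
    # HTTP header names are case-insensitive, so normalise them.
    hdrs = {name.lower(): value for name, value in headers.items()}

    # The header is consulted first; the query string has lower priority
    # and is only read when the header is absent.
    key = hdrs.get(header)
    from_header = key is not None
    if not from_header:
        key = dict(params).get(query)

    if key is None or key not in CONSUMERS:
        # Missing or unknown key: reject, nothing is proxied.
        return 401, None, None, None

    if hide:
        # Assumption of this model: only the credential that was actually
        # used is removed before the request goes to the Upstream.
        if from_header:
            del hdrs[header]
        else:
            params = [(k, v) for k, v in params if k != query]
            parts = parts._replace(query=urlencode(params))

    return 200, CONSUMERS[key], urlunsplit(parts), hdrs
```

With hide_credentials left at its default of false, the Upstream receives the API key and may record it in its own access logs.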
First you can create a Consumer object through the Admin API with a unique key:
You can also use the APISIX Dashboard to complete the operation through a web UI.
First, create a Consumer object:
Once you have created a Consumer object, you can then configure a Route or a Service to authenticate requests:
```shell
# Enable key-auth on Route 1 with its default settings
curl http://127.0.0.1:9180/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
{
    "methods": ["GET"],
    "uri": "/index.html",
    "id": 1,
    "plugins": {
        "key-auth": {}
    },
    "upstream": {
        "type": "roundrobin",
        "nodes": {
            "127.0.0.1:1980": 1
        }
    }
}'
```
To fetch the key from a different header than apikey, change the header in the configuration:

```json
{
    "key-auth": {
        "header": "Authorization"
    }
}
```
After you have configured the Plugin as mentioned above, you can make a request as shown:

```shell
HTTP/1.1 200 OK
...
```

A request with a missing or invalid key is rejected:

```shell
curl http://127.0.0.2:9080/index.html -i
curl http://127.0.0.2:9080/index.html -H 'apikey: abcabcabc' -i
HTTP/1.1 401 Unauthorized
...
```
To disable the key-auth Plugin, you can delete the corresponding JSON configuration from the Plugin configuration. APISIX will automatically reload and you do not have to restart for this to take effect.