public-api

When you are using custom Plugins, you can use the public-api Plugin to define a fixed, public API for a particular functionality. For example, you can create a public API endpoint /apisix/plugin/jwt/sign for JWT authentication using the Plugin.

note

The public API added in a custom Plugin is not exposed by default and the user should manually configure a Route and enable the public-api Plugin on it.

The example below uses the Plugin and the key-auth Plugin along with the public-api Plugin. Refer to their documentation for it configuration. This step is omitted below and only explains the configuration of the public-api Plugin.

Now, if you make a request to the configured URI, you will receive a JWT response:

  1. curl 'http://127.0.0.1:9080/apisix/plugin/jwt/sign?key=user-key'

You can also use a custom URI for exposing the API as shown below:

  1. curl -X PUT 'http://127.0.0.1:9180/apisix/admin/routes/r2' \
  2.     -H 'X-API-KEY: <api-key>' \
  3.     -d '{
  4.     "uri": "/gen_token",
  6.         "public-api": {
  7.             "uri": "/apisix/plugin/jwt/sign"
  8.         }
  9.     }
  10. }'

Now you can make requests to this new endpoint:

  1. curl -X PUT 'http://127.0.0.1:9180/apisix/admin/routes/r2' \
  2.     -H 'X-API-KEY: <api-key>' \
  3.     -H 'Content-Type: application/json' \
  4.     "uri": "/gen_token",
  6.         "public-api": {
  7.             "uri": "/apisix/plugin/jwt/sign"
  8.         },
  9.         "key-auth": {}
  10.     }
  11. }'

Now, only authenticated requests are allowed:

  1. curl -i 'http://127.0.0.1:9080/gen_token?key=user-key' \
  2.     -H "apikey: test-apikey"

The below request will fail:

  1. curl -i 'http://127.0.0.1:9080/gen_token?key=user-key'

    To disable the public-api Plugin, you can delete the corresponding JSON configuration from the Plugin configuration. APISIX will automatically reload and you do not have to restart for this to take effect.