Create an RBAC User

    An , like an RBAC User, has the ability to access the Kong Gateway Admin API. The Admin also has the ability log in to Kong Manager. Like an RBAC User, an Admin’s Role will determine the types of actions it can perform—except that they will also have the ability to benefit from Kong Manager’s interface and visualizations.

    If creating a service account for Kong Gateway, e.g., for a machine as part of an automated process, then an RBAC User is adequate.

    If creating a personal account for Kong Gateway, then Admin may be preferable since it also has access to Kong Manager.

    1. From the dashboard, click the Teams tab in the top navigation menu.

    2. On the Teams page, click the RBAC Users tab.

    3. Click the Add New User button to the right of the dropdown menu to open the registration form.

    4. In the Add New User registration form provide a Name, User Token, Comment, and Enablement

      The name of the RBAC User must be globally unique, even if two users are in different Workspaces, and it cannot have the same as an Admin account.

      These naming conventions are important if using OIDC, LDAP, or another external method of identity and access management.

    5. Click the Add User Roles button in the Role(s) per workspace section. Select the Role (or Roles) desired for the new RBAC User.

      If the RBAC User has no Roles assigned, it will not have permission to access any objects.

      An RBAC User’s Role assignments may be altered later if needed.

      The Roles can only belong to one Workspace, as selected in Step 3.

      To provide an RBAC User with access to objects in multiple Workspaces, see Step 3.