apisix/doc/plugins/key-auth.md

[中文](key-auth-cn.md)

# Summary
- [**Name**](#name)
- [**Attributes**](#attributes)
- [**How To Enable**](#how-to-enable)
- [**Test Plugin**](#test-plugin)
- [**Disable Plugin**](#disable-plugin)


## Name

`key-auth` is an authentication plugin, it should work with `consumer` together.

Add Key Authentication (also sometimes referred to as an API key) to a Service or a Route. Consumers then add their key either in a querystring parameter or a header to authenticate their requests.

## Attributes

* `key`: different consumer objects should use different values, it should be unique.

## How To Enable

Two steps are required:

1. creates a consumer object, and set the attributes of plugin `key-auth`.

```shell
curl http://127.0.0.1:9080/apisix/admin/consumers -X PUT -d '
{
    "username": "jack",
    "plugins": {
        "key-auth": {
            "key": "auth-one"
        }
    }
}'
```

You can open dashboard with a browser: `http://127.0.0.1:9080/apisix/dashboard/`, to complete the above operation through the web interface, first add a route:
![](../images/plugin/key-auth-1.png)

Then add key-auth plugin:
![](../images/plugin/key-auth-2.png)

2. creates a route or service object, and enable plugin `key-auth`.

```shell
curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d '
{
    "methods": ["GET"],
    "uri": "/index.html",
    "id": 1,
    "plugins": {
        "key-auth": {}
    },
    "upstream": {
        "type": "roundrobin",
        "nodes": {
            "39.97.63.215:80": 1
        }
    }
}'
```

## Test Plugin

Here is a correct test example:

```shell
$ curl http://127.0.0.2:9080/index.html -H 'apikey: keykey' -i
HTTP/1.1 200 OK
...
```

If the request does not set `apikey` correctly, will get a `401` response.

```shell
$ curl http://127.0.0.2:9080/index.html -i
HTTP/1.1 401 Unauthorized
...
{"message":"Missing API key found in request"}

$ curl http://127.0.0.2:9080/index.html -H 'apikey: abcabcabc' -i
HTTP/1.1 401 Unauthorized
...
{"message":"Invalid API key in request"}
```

## Disable Plugin

When you want to disable the `key-auth` plugin, it is very simple,
 you can delete the corresponding json configuration in the plugin configuration,
  no need to restart the service, it will take effect immediately:

```shell
$ curl http://127.0.0.1:2379/v2/keys/apisix/routes/1 -X PUT -d value='
{
    "uri": "/index.html",
    "plugins": {},
    "upstream": {
        "type": "roundrobin",
        "nodes": {
            "39.97.63.215:80": 1
        }
    }
}'
```

The `key-auth` plugin has been disabled now. It works for other plugins.
doc: plugin `ip-restriction` and use 4 spaces to replace `tab`. 2019-09-03 13:53:41 +08:00			`[中文](key-auth-cn.md)`
doc: added doc for plugin `key-auth`. 2019-05-23 21:13:15 +08:00
feature: implemented `consumer` and `key-auth` plugin. 2019-06-06 15:59:30 +08:00			`# Summary`
			`- [Name](#name)`
			`- [Attributes](#attributes)`
			`- [How To Enable](#how-to-enable)`
			`- [Test Plugin](#test-plugin)`
			`- [Disable Plugin](#disable-plugin)`
plugin `key-auth`: added notice context. 2019-06-05 13:25:10 +08:00

feature: implemented `consumer` and `key-auth` plugin. 2019-06-06 15:59:30 +08:00			`## Name`
doc: added doc for plugin `key-auth`. 2019-05-23 21:13:15 +08:00
feature: implemented `consumer` and `key-auth` plugin. 2019-06-06 15:59:30 +08:00			`key-auth` is an authentication plugin, it should work with `consumer` together.

			`Add Key Authentication (also sometimes referred to as an API key) to a Service or a Route. Consumers then add their key either in a querystring parameter or a header to authenticate their requests.`

			`## Attributes`

			* `key`: different consumer objects should use different values, it should be unique.

			`## How To Enable`

			`Two steps are required:`

			1. creates a consumer object, and set the attributes of plugin `key-auth`.

feature: added admin api for consumer. (#135) 2019-06-19 19:14:58 +08:00			```shell
feature: support consumer bind plugins. (#544) * feature: saved consumer plugin information. * feature: supported to merge plugin with consumer and route. 2019-09-22 06:05:58 +08:00			`curl http://127.0.0.1:9080/apisix/admin/consumers -X PUT -d '`
feature: added admin api for consumer. (#135) 2019-06-19 19:14:58 +08:00			`{`
			`"username": "jack",`
doc: plugin `ip-restriction` and use 4 spaces to replace `tab`. 2019-09-03 13:53:41 +08:00			`"plugins": {`
			`"key-auth": {`
feature: support consumer bind plugins. (#544) * feature: saved consumer plugin information. * feature: supported to merge plugin with consumer and route. 2019-09-22 06:05:58 +08:00			`"key": "auth-one"`
doc: plugin `ip-restriction` and use 4 spaces to replace `tab`. 2019-09-03 13:53:41 +08:00			`}`
			`}`
feature: added admin api for consumer. (#135) 2019-06-19 19:14:58 +08:00			`}'`
			```
doc: added doc for plugin `key-auth`. 2019-05-23 21:13:15 +08:00
doc: add screenshots of dashboard operations for docs of some plugins (#546) 2019-09-23 06:13:06 +08:00			You can open dashboard with a browser: `http://127.0.0.1:9080/apisix/dashboard/`, to complete the above operation through the web interface, first add a route:
			`![](../images/plugin/key-auth-1.png)`

			`Then add key-auth plugin:`
			`![](../images/plugin/key-auth-2.png)`

feature: implemented `consumer` and `key-auth` plugin. 2019-06-06 15:59:30 +08:00			2. creates a route or service object, and enable plugin `key-auth`.

feature: added admin api for consumer. (#135) 2019-06-19 19:14:58 +08:00			```shell
			`curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d '`
			`{`
doc: plugin `ip-restriction` and use 4 spaces to replace `tab`. 2019-09-03 13:53:41 +08:00			`"methods": ["GET"],`
			`"uri": "/index.html",`
			`"id": 1,`
			`"plugins": {`
			`"key-auth": {}`
			`},`
			`"upstream": {`
			`"type": "roundrobin",`
			`"nodes": {`
			`"39.97.63.215:80": 1`
			`}`
			`}`
feature: added admin api for consumer. (#135) 2019-06-19 19:14:58 +08:00			`}'`
			```
feature: implemented `consumer` and `key-auth` plugin. 2019-06-06 15:59:30 +08:00
			`## Test Plugin`

			`Here is a correct test example:`

			```shell
doc key-auth: style. 2019-06-06 16:27:09 +08:00			`$ curl http://127.0.0.2:9080/index.html -H 'apikey: keykey' -i`
feature: implemented `consumer` and `key-auth` plugin. 2019-06-06 15:59:30 +08:00			`HTTP/1.1 200 OK`
			`...`
doc: added doc for plugin `key-auth`. 2019-05-23 21:13:15 +08:00			```
feature: implemented `consumer` and `key-auth` plugin. 2019-06-06 15:59:30 +08:00
			If the request does not set `apikey` correctly, will get a `401` response.

			```shell
			`$ curl http://127.0.0.2:9080/index.html -i`
			`HTTP/1.1 401 Unauthorized`
			`...`
			`{"message":"Missing API key found in request"}`

			`$ curl http://127.0.0.2:9080/index.html -H 'apikey: abcabcabc' -i`
			`HTTP/1.1 401 Unauthorized`
			`...`
			`{"message":"Invalid API key in request"}`
			```

			`## Disable Plugin`

doc: plugin `ip-restriction` and use 4 spaces to replace `tab`. 2019-09-03 13:53:41 +08:00			When you want to disable the `key-auth` plugin, it is very simple,
feature: implemented `consumer` and `key-auth` plugin. 2019-06-06 15:59:30 +08:00			`you can delete the corresponding json configuration in the plugin configuration,`
			`no need to restart the service, it will take effect immediately:`

			```shell
doc key-auth: style. 2019-06-06 16:27:09 +08:00			`$ curl http://127.0.0.1:2379/v2/keys/apisix/routes/1 -X PUT -d value='`
feature: implemented `consumer` and `key-auth` plugin. 2019-06-06 15:59:30 +08:00			`{`
doc: plugin `ip-restriction` and use 4 spaces to replace `tab`. 2019-09-03 13:53:41 +08:00			`"uri": "/index.html",`
			`"plugins": {},`
			`"upstream": {`
			`"type": "roundrobin",`
			`"nodes": {`
			`"39.97.63.215:80": 1`
			`}`
			`}`
feature: implemented `consumer` and `key-auth` plugin. 2019-06-06 15:59:30 +08:00			`}'`
			```

doc: plugin `ip-restriction` and use 4 spaces to replace `tab`. 2019-09-03 13:53:41 +08:00			The `key-auth` plugin has been disabled now. It works for other plugins.