2019-09-03 13:53:41 +08:00
[中文 ](key-auth-cn.md )
2019-05-23 21:13:15 +08:00
2019-06-06 15:59:30 +08:00
# Summary
- [**Name** ](#name )
- [**Attributes** ](#attributes )
- [**How To Enable** ](#how-to-enable )
- [**Test Plugin** ](#test-plugin )
- [**Disable Plugin** ](#disable-plugin )
2019-06-05 13:25:10 +08:00
2019-06-06 15:59:30 +08:00
## Name
2019-05-23 21:13:15 +08:00
2019-06-06 15:59:30 +08:00
`key-auth` is an authentication plugin, it should work with `consumer` together.
Add Key Authentication (also sometimes referred to as an API key) to a Service or a Route. Consumers then add their key either in a querystring parameter or a header to authenticate their requests.
## Attributes
* `key` : different consumer objects should use different values, it should be unique.
## How To Enable
Two steps are required:
1. creates a consumer object, and set the attributes of plugin `key-auth` .
2019-06-19 19:14:58 +08:00
```shell
curl http://127.0.0.1:9080/apisix/admin/consumers -X PUT -d '
{
"username": "jack",
2019-09-03 13:53:41 +08:00
"plugins": {
"key-auth": {
"key": "keykey"
}
}
2019-06-19 19:14:58 +08:00
}'
```
2019-05-23 21:13:15 +08:00
2019-06-06 15:59:30 +08:00
2. creates a route or service object, and enable plugin `key-auth` .
2019-06-19 19:14:58 +08:00
```shell
curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d '
{
2019-09-03 13:53:41 +08:00
"methods": ["GET"],
"uri": "/index.html",
"id": 1,
"plugins": {
"key-auth": {}
},
"upstream": {
"type": "roundrobin",
"nodes": {
"39.97.63.215:80": 1
}
}
2019-06-19 19:14:58 +08:00
}'
```
2019-06-06 15:59:30 +08:00
## Test Plugin
Here is a correct test example:
```shell
2019-06-06 16:27:09 +08:00
$ curl http://127.0.0.2:9080/index.html -H 'apikey: keykey' -i
2019-06-06 15:59:30 +08:00
HTTP/1.1 200 OK
...
2019-05-23 21:13:15 +08:00
```
2019-06-06 15:59:30 +08:00
If the request does not set `apikey` correctly, will get a `401` response.
```shell
$ curl http://127.0.0.2:9080/index.html -i
HTTP/1.1 401 Unauthorized
...
{"message":"Missing API key found in request"}
$ curl http://127.0.0.2:9080/index.html -H 'apikey: abcabcabc' -i
HTTP/1.1 401 Unauthorized
...
{"message":"Invalid API key in request"}
```
## Disable Plugin
2019-09-03 13:53:41 +08:00
When you want to disable the `key-auth` plugin, it is very simple,
2019-06-06 15:59:30 +08:00
you can delete the corresponding json configuration in the plugin configuration,
no need to restart the service, it will take effect immediately:
```shell
2019-06-06 16:27:09 +08:00
$ curl http://127.0.0.1:2379/v2/keys/apisix/routes/1 -X PUT -d value='
2019-06-06 15:59:30 +08:00
{
2019-09-03 13:53:41 +08:00
"uri": "/index.html",
"plugins": {},
"upstream": {
"type": "roundrobin",
"nodes": {
"39.97.63.215:80": 1
}
}
2019-06-06 15:59:30 +08:00
}'
```
2019-09-03 13:53:41 +08:00
The `key-auth` plugin has been disabled now. It works for other plugins.