Skip to content
|
You are browsing the Kong Gateway documentation archive. This documentation is no longer actively maintained.
See the latest Kong Gateway documentation.
Kong Gateway Enterprise [ARCHIVE]
1.3-x

PermalinkEnable Basic Auth in the Dev Portal

PermalinkIntroduction

The Kong Developer Portal can be fully or partially authenticated using HTTP protocol’s Basic Authentication scheme. Requests will be sent with the Authorization header that contains the word Basic followed by the base64-encoded username:password string.

Basic Authentication for the Dev Portal can be enabled in three ways:

Warning Enabling authentication in the Dev Portal requires use of the Sessions plugin. Developers will not be able to login if this is not set properly. More information about Sessions in the Dev Portal

PermalinkEnable Portal Session Config

In the the Kong configuration file set the portal_session_conf property:

portal_session_conf={ "cookie_name": "portal_session", "secret": "CHANGE_THIS", "storage": "kong" }

If using HTTP while testing, include "cookie_secure": false in the config:

portal_session_conf={ "cookie_name": "portal_session", "secret": "CHANGE_THIS", "storage": "kong", "cookie_secure": false }

PermalinkEnable Basic Auth via Kong Manager

  1. Navigate to the Dev Portal’s Settings page
  2. Find Authentication plugin under the Authentication tab
  3. Select Basic Authentication from the drop down
  4. Click the Save Changes button at the bottom of the form

Warning When Dev Portal Authentication is enabled, content files will remain unauthenticated until a role is applied to them. The exception to this is settings.txt and dashboard.txt which begin with the * role. Please visit the Developer Roles and Content Permissions section for more info.

PermalinkEnable Basic Auth via the Command Line

To patch a Dev Portal’s authentication property directly run:

curl -X PATCH http://localhost:8001/workspaces/<WORKSPACE NAME> \
  --data "config.portal_auth=basic-auth"

Warning When Dev Portal Authentication is enabled, content files will remain unauthenticated until a role is applied to them. The exception to this is settings.txt and dashboard.txt which begin with the * role. Please visit the Developer Roles and Content Permissions section for more info.

PermalinkEnable Basic Auth via the Kong.conf

Kong allows for a default authentication plugin to be set in the Kong configuration file with the portal_auth property.

In your kong.conf file set the property as follows:

portal_auth="basic-auth"

This will set all Dev Portals to use Basic Authentication by default when initialized.