PermalinkEnabling Plugins

Before you start:

Make sure you've installed Kong - It should only take a minute!
Make sure you've started Kong.
Also, make sure you've configured your Service in Kong.

In this section, you’ll learn how to configure Kong plugins. One of the core principles of Kong is its extensibility through plugins. Plugins allow you to easily add new features to your Service and make it easier to manage.

In the steps below, you have to configure the key-auth plugin to add authentication to your Service. Prior to the addition of this plugin, all requests to your Service is going to be proxied upstream. Once you add and configure this plugin, only requests with the correct key(s) are proxied. All other requests are rejected by Kong to protect your upstream service from unauthorized use.

Permalink1. Configure the key-auth plugin

To configure the key-auth plugin for the Service you configured in Kong, issue the following cURL request:

$ curl -i -X POST \
  --url http://localhost:8001/services/example-service/plugins/ \
  --data 'name=key-auth'

Note: This plugin also accepts a config.key_names parameter, which defaults to ['apikey']. It is a list of headers and parameters names (both are supported) that are supposed to contain the apikey during a request.

Permalink2. Verify that the plugin is properly configured

Issue the following cURL request to verify that the key-auth plugin is properly configured on the Service:

curl -i -X GET \
  --url http://localhost:8000/ \
  --header 'Host: example.com'

Since you did not specify the required apikey header or parameter, the response should be 401 Unauthorized:

HTTP/1.1 401 Unauthorized
...

{
  "message": "No API key found in request"
}

PermalinkNext Steps

Now that you’ve configured the key-auth plugin lets learn how to add consumers to your Service so that you can continue proxying requests through Kong.

Go to Adding Consumers ›