Add API Key Authentication to your APIs. Consumers must add their key in a header to authenticate their requests.

Add API Key auth on top of an API by executing the following request:

curl -X POST -H "Content-Type: application/json" -d '{
"name": "api_key",
"route_id": <route_id>,
"http_methods": [
  "*"
 ]
}' "http://localhost:9090/admin/plugin-configs"

JSON body parameters:

• route_id (required): the route this plugin configuration applies to.
• http_methods: the HTTP methods this plugin configuration applies to, e.g. POST. The asterisk character (*) captures all methods. Please keep all method names uppercase, e.g. use GET instead of get.

To call an API protected with API Key authentication, consumers must use their API Key.

To register an API key, use the following request:

curl -X POST -H "Content-Type: application/json" -d '{
}' "http://localhost:9090/admin/consumers/<consumer_id>/api-keys"

URL parameters:

• <consumer_id>: The consumer ID to associate the API key to.

JSON body parameters:

• api_key: The unique API key. It is recommended you let the system create one for you.

To use an API key, a consumer must pass it as a header to the request.

curl -X GET -H "API_KEY: <api_key>" "http://localhost:8080/<api>"

Headers:

• API_KEY: the API key of the consumer

The name of the header is currently non-configurable.