In order to give you better service we use cookies. By continuing to use our website, you agree to the use of cookies as described in our Cookie Policy

Kong
Edit this Page
Documentation

Documentation

Community Edition (0.5.x)
Maybe you were looking for the Enterprise Edition (EE) Documentation instead?
Careful! You are browsing documentation for an outdated version of Kong. Go here to browse the documentation for the latest version.

Table of Contents

Enabling Plugins

Before you start:
  1. Make sure you've installed Kong - It should only take a minute!
  2. Make sure you've started Kong.
  3. Also, make sure you've added your API to Kong.

In this section, you'll learn how to enable plugins. One of the core principals of Kong is its extensibility through plugins. Plugins allow you to easily add new features to your API or make your API easier to manage.

First, we'll have you configure and enable the key-auth plugin to add authentication to your API.

  1. Add plugin to your Kong config

    Add key-auth under the plugins_available property in your Kong instance configuration file should it not already exist:

    plugins_available:
  - key-auth

  2. Restart Kong

    Issue the following command to restart Kong. This allows Kong to load the plugin.

    $ kong restart

    Note: If you have a cluster of Kong instances that share the configuration, you should restart each node in the cluster.

  3. Configure the plugin for your API

    Now that Kong has loaded the plugin, we should configure it to be enabled on your API.

    Issue the following cURL request on the previously created API named mockbin:

    $ curl -i -X POST \
  --url http://localhost:8001/apis/mockbin/plugins/ \
  --data 'name=key-auth'

    Note: This plugin also accepts a config.key_names parameter, which defaults to [apikey]. It is a list of headers and parameters names (both are supported) that are supposed to contain the API key during a request.

  4. Verify that the plugin is enabled for your API

    Issue the following cURL request to verify that the key-auth plugin was enabled for your API:

    $ curl -i -X GET \
  --url http://localhost:8000/ \
  --header 'Host: mockbin.com'

    Since you did not specify the required apikey header or parameter, the response should be 403 Forbidden:

    HTTP/1.1 403 Forbidden
...

{
  "message": "Your authentication credentials are invalid"
}

Next Steps

Now that you've enabled the key-auth plugin lets learn how to add consumers to your API so we can continue proxying requests through Kong.

Go to Adding Consumers ›