Table of Contents
By default, Kong Manager starts up without authentication (see
admin_gui_auth), and it assumes that the Admin API is available
on port 8001 (see [Default Ports]) of the same host that serves
Common configurations to enable are
Serving Kong Manager from a dedicated Kong node
When Kong Manager is on a dedicated Kong node, it must make
external calls to the Admin API. Set
admin_api_uri to the
location of your Admin API.
Securing Kong Manager through a Kong Authentication Plugin
When Kong Manager is secured through an Authentication Plugin
and not on a dedicated node, it makes calls to the Admin API on
the same host. By default, the Admin API listens on ports 8001 and
8444 on localhost. Change
admin_listen if necessary, or set
Securing Kong Manager and serving it from a dedicated node
When Kong Manager is secured and served from a dedicated node,
admin_api_uri to the location of the Admin API.
The table below summarizes which properties to set (or defaults to
verify) when configuring Kong Manager connectivity to the Admin API.
To enable authentication, configure the following properties:
⚠️ When Kong Manager authentication is enabled, RBAC must be turned
on to enforce authorization rules. Otherwise, whoever can log in
to Kong Manager can perform any operation available on the Admin API.