Skip to content
Kong Logo | Kong Docs Logo
search
  • We're Hiring!
  • Docs
    • Kong Gateway
    • Kong Konnect
    • Kong Mesh
    • Plugin Hub
    • decK
    • Kubernetes Ingress Controller
    • Insomnia
    • Kuma

    • Docs contribution guidelines
  • Plugin Hub
  • Support
  • Community
  • Kong Academy
Get a Demo Start Free Trial
  • Kong Gateway
  • Kong Konnect
  • Kong Mesh
  • Plugin Hub
  • decK
  • Kubernetes Ingress Controller
  • Insomnia
  • Kuma

  • Docs contribution guidelines
  • 3.2.x (latest)
  • 3.1.x
  • 3.0.x
  • 2.8.x
  • 2.7.x
  • 2.6.x
  • Older Enterprise versions (2.1-2.5)
  • Older OSS versions (2.1-2.5)
  • Archive (pre-2.1)
    • Version Support Policy
    • Compatibility
    • Changelog
    • Kubernetes
    • Helm
    • OpenShift with Helm
    • Docker
    • Amazon Linux
    • CentOS
    • Debian
    • RHEL
    • Ubuntu
    • Migrating from OSS to EE
    • Upgrade Kong Gateway
    • Upgrade Kong Gateway OSS
      • Configuring a Service
      • Configuring a gRPC Service
      • Enabling Plugins
      • Adding Consumers
      • Prepare to Administer
      • Expose your Services
      • Protect your Services
      • Improve Performance
      • Secure Services
      • Set Up Intelligent Load Balancing
      • Manage Administrative Teams
      • Publish, Locate, and Consume Services
    • Running Kong as a Non-Root User
    • Resource Sizing Guidelines
      • Deploy Kong Gateway in Hybrid Mode
    • Kubernetes Deployment Options
    • Control Kong Gateway through systemd
    • Performance Testing Framework
    • DNS Considerations
    • Default Ports
      • Access Your License
      • Deploy Your License
      • Monitor License Usage
      • Start Kong Gateway Securely
      • Keyring and Data Encryption
      • Kong Security Update Process
      • Authentication Reference
        • OpenID Connect with Curity
        • OpenID Connect with Azure AD
        • OpenID Connect with Google
        • OpenID Connect with Okta
        • OpenID Connect with Auth0
        • OpenID Connect with Cognito
        • OpenID Connect Plugin Reference
      • Allowing Multiple Authentication Methods
        • Create a Super Admin
        • Configure Networking
        • Configure Kong Manager to Send Email
        • Reset Passwords and RBAC Tokens
        • Configure Workspaces
        • Basic Auth
        • LDAP
        • OIDC
        • Sessions
        • Add a Role
        • Add a User
        • Add an Admin
      • Mapping LDAP Service Directory Groups to Kong Roles
      • Enable the Dev Portal
      • Structure and File Types
      • Portal API Documentation
      • Working with Templates
      • Using the Editor
          • Basic Auth
          • Key Auth
          • OIDC
          • Sessions
          • Adding Custom Registration Fields
        • SMTP
        • Workspaces
        • Manage Developers
        • Developer Roles and Content Permissions
          • Authorization Provider Strategy
          • Enable Application Registration
          • Enable Key Authentication for Application Registration
          • External OAuth2 Support
          • Set up Okta and Kong for external OAuth
          • Set Up Azure AD and Kong for External Authentication
          • Manage Applications
        • Easy Theme Editing
        • Migrating Templates Between Workspaces
        • Markdown Rendering Module
        • Customizing Portal Emails
        • Adding and Using JavaScript Assets
        • Single Page App in Dev Portal
        • Alternate OpenAPI Renderer
      • Helpers CLI
    • Configure gRPC Plugins
    • GraphQL Quickstart
    • Logging Reference
    • Network and Firewall
      • Metrics
      • Reports
      • Vitals with InfluxDB
      • Vitals with Prometheus
      • Estimate Vitals Storage in PostgreSQL
    • Prometheus plugin
    • Zipkin plugin
      • DB-less Mode
      • Declarative Configuration
      • Supported Content Types
      • Information Routes
      • Health Routes
      • Tags
      • Service Object
      • Route Object
      • Consumer Object
      • Plugin Object
      • Certificate Object
      • CA Certificate Object
      • SNI Object
      • Upstream Object
      • Target Object
        • Licenses Reference
        • Licenses Examples
        • Workspaces Reference
        • Workspace Examples
        • RBAC Reference
        • RBAC Examples
        • API Reference
        • Examples
        • API Reference
        • Examples
        • Event Hooks Reference
        • Examples
      • Audit Logging
      • Keyring and Data Encryption
      • Securing the Admin API
    • DB-less and Declarative Configuration
    • Configuration Reference
    • CLI Reference
    • Load Balancing Reference
    • Proxy Reference
    • Rate Limiting Library
    • Health Checks and Circuit Breakers Reference
    • Clustering Reference
      • kong.client
      • kong.client.tls
      • kong.cluster
      • kong.ctx
      • kong.ip
      • kong.log
      • kong.nginx
      • kong.node
      • kong.request
      • kong.response
      • kong.router
      • kong.service
      • kong.service.request
      • kong.service.response
      • kong.table
      • Introduction
      • File structure
      • Implementing custom logic
      • Plugin configuration
      • Accessing the datastore
      • Storing custom entities
      • Caching custom entities
      • Extending the Admin API
      • Writing tests
      • (un)Installing your plugin
    • Plugins in Other Languages
    • File Permissions Reference

github-edit-pageEdit this page

report-issueReport an issue

enterprise-switcher-iconSwitch to OSS

On this page
  • List Admins
  • Invite an Admin
  • Register an Admin’s Credentials
  • Send a Password-Reset Email to an Admin
  • Reset an Admin’s Password
  • Retrieve an Admin
  • Update an Admin
  • Delete an Admin
  • List an Admin’s Roles
  • Create or Update an Admin’s Roles
  • Delete an Admin’s Role
  • List an Admin’s Workspaces
Kong Gateway
2.7.x
  • Home
  • Kong Gateway
  • Admin API
  • Admins
  • Admins Reference
You are browsing documentation for an outdated version. See the latest documentation here.

Admins Reference

List Admins

Endpoint

/admins

Response

HTTP 200 OK
{
  "data": [{
    "created_at": 1556638385,
    "id": "665b4070-541f-48bf-82c1-53030babaa81",
    "updated_at": 1556638385,
    "status": 4,
    "username": "test-admin",
    "email": "test@test.com",
    "rbac_token_enabled": true
  }, {
    "created_at": 1556563122,
    "id": "a93ff120-9e6c-4198-b47e-f779104c7eac",
    "updated_at": 1556563122,
    "status": 0,
    "username": "kong_admin",
    "rbac_token_enabled": false
  }],
  "next": null
}

Invite an Admin

Endpoint

/admins
Attribute Description
email The Admin’s email address
username The Admin’s username
custom_id
optional
The Admin’s custom ID
rbac_token_enabled Allows the Admin to use and reset their RBAC token; true by default

Response

HTTP 200 OK
{
  "admin": {
    "created_at": 1556638641,
    "id": "8f0a742f-07f3-49e0-90d7-4fc7eea7e6a4",
    "updated_at": 1556638641,
    "status": 4,
    "username": "test-case-3",
    "email": "test3@test.com",
    "rbac_token_enabled": true
  }
}

Register an Admin’s Credentials

Endpoint

/admins/register
Attribute Description
token The authentication token
username The Admin’s username
email The Admin’s email address
password The Admin’s new password

Response

HTTP 201 Created

Send a Password-Reset Email to an Admin

Endpoint

/admins/password_resets
Attribute Description
email The Admin’s email address

Response

HTTP 201 Created

Reset an Admin’s Password

Endpoint

/admins/password_resets
Attribute Description
email The Admin’s email address
password The Admin’s new password
token The authentication token

Response

HTTP 200 OK

Retrieve an Admin

Endpoint

/admins/{name_or_id}
Attribute Description
name_or_id The Admin’s username or ID
generate_register_url
optional
true returns a unique registration URL for the Admin

Notes:

  • generate_register_url will only generate a URL if the Admin’s invitation status is 4 (“invited”).
  • generate_register_url will override the preåvious registration URL for the particular Admin each time it is requested.

Response

HTTP 200 OK
{
  "created_at": 1556638385,
  "id": "665b4070-541f-48bf-82c1-53030babaa81",
  "updated_at": 1556638385,
  "status": 4,
  "username": "test-admin",
  "email": "test@test.com",
  "rbac_token_enabled": true
}

Update an Admin

Endpoint

/admins/{name_or_id}
Attribute Description
name_or_id The Admin’s current username or custom ID
email
optional
The Admin’s new email address
username
optional
The Admin’s new username
custom_id
optional
The Admin’s new custom ID
rbac_token_enabled Allows the Admin to use and reset their RBAC token; true by default

Response

HTTP 200 OK
{
  "created_at": 1556638385,
  "id": "665b4070-541f-48bf-82c1-53030babaa81",
  "updated_at": 1556639017,
  "status": 4,
  "username": "test-renamed",
  "email": "test@test.com"
  "rbac_token_enabled": true
}

Delete an Admin

Endpoint

/admins/{name_or_id}
Attribute Description
name_or_id The Admin’s username or ID

Response

HTTP 204 No Content

List an Admin’s Roles

Endpoint

/admins/{name_or_id}/roles
Attribute Description
name_or_id The Admin’s username or ID

Response

HTTP 200 OK
{
  "roles": [{
    "comment": "Read access to all endpoints, across all workspaces",
    "created_at": 1556563122,
    "id": "7574eb1d-c9fa-46a9-bd3a-3f1b4b196287",
    "name": "read-only",
    "is_default": false
  }, {
    "comment": "Full access to all endpoints, across all workspaces—except RBAC Admin API",
    "created_at": 1556563122,
    "id": "7fdea5c8-2bfa-4aa9-9c21-7bb9e607186d",
    "name": "admin",
    "is_default": false
  }]
}

Create or Update an Admin’s Roles

Endpoint

/admins/{name_or_id}/roles
Attribute Description
name_or_id The Admin’s current username or ID
roles (comma separated) string of names of Roles to create or update for an Admin

Response

HTTP 201 OK
{
  "roles": [{
    "comment": "Read access to all endpoints, across all workspaces",
    "created_at": 1556563122,
    "id": "7574eb1d-c9fa-46a9-bd3a-3f1b4b196287",
    "name": "read-only",
    "is_default": false
  }, {
    "comment": "Full access to all endpoints, across all workspaces—except RBAC Admin API",
    "created_at": 1556563122,
    "id": "7fdea5c8-2bfa-4aa9-9c21-7bb9e607186d",
    "name": "admin",
    "is_default": false
  }, {
    "comment": "Full access to all endpoints, across all workspaces",
    "created_at": 1556563122,
    "id": "99bd8d18-f5b6-410e-aefe-d75f4252f13c",
    "name": "super-admin",
    "is_default": false
  }]
}

Delete an Admin’s Role

Endpoint

/admins/{name_or_id}/roles
Attribute Description
name_or_id The Admin’s current username or custom ID
roles (comma separated) string of names of Roles to remove from an Admin

Response

HTTP 204 No Content

List an Admin’s Workspaces

Endpoint

/admins/{name_or_id}/workspaces
Attribute Description
name_or_id The Admin’s username or ID

Response

HTTP 200 OK
[{
  "created_at": 1556563122,
  "config": {
    "portal": true,
    "portal_auto_approve": true
  },
  "id": "00000000-0000-0000-0000-000000000000",
  "name": "default",
  "meta": {}
}, {
  "created_at": 1556570807,
  "config": {
    "portal": true
  },
  "id": "57b3ce24-6d29-427f-af13-15bd60430e56",
  "name": "sdfgsdfg",
  "meta": {
    "color": "#3894f0"
  }
}]
Thank you for your feedback.
Was this page useful?
  • Kong
    THE CLOUD CONNECTIVITY COMPANY

    Kong powers reliable digital connections across APIs, hybrid and multi-cloud environments.

    • Company
    • Customers
    • Events
    • Investors
    • Careers Hiring!
    • Partners
    • Press
    • Contact
  • Products
    • Kong Konnect
    • Kong Gateway
    • Kong Mesh
    • Get Started
    • Pricing
  • Resources
    • eBooks
    • Webinars
    • Briefs
    • Blog
    • API Gateway
    • Microservices
  • Open Source
    • Install Kong Gateway
    • Kong Community
    • Kubernetes Ingress
    • Kuma
    • Insomnia
  • Solutions
    • Decentralize
    • Secure & Govern
    • Create a Dev Platform
    • API Gateway
    • Kubernetes
    • Service Mesh
Star
  • Terms•Privacy
© Kong Inc. 2023