You are browsing documentation for an older version. See the latest documentation here.
Enable Basic Auth for Kong Manager
Prerequisites
To enable Basic Authentication, configure Kong with the following properties:
enforce_rbac = on
admin_gui_auth = basic-auth
admin_gui_session_conf = { "secret":"set-your-string-here" }
The Sessions Plugin requires a secret and is configured securely by default.
- Under all circumstances, the
secret
must be manually set to a string. - If using HTTP instead of HTTPS,
cookie_secure
must be manually set tofalse
. - If using different domains for the Admin API and Kong Manager,
cookie_samesite
must be set tooff
. Learn more about these properties in Session Security in Kong Manager, and see example configurations.
Step 1
Start Kong:
$ kong start [-c /path/to/kong/conf]
Step 2
If you created a Super Admin via database migration, log in to Kong
Manager with the username kong_admin
and the password
set in the environment variable.
If you created a Super Admin via the Kong Manager “Organization” tab as described in How to Create a Super Admin, log in with the credentials you created after accepting the email invitation.