Skip to content
Kong Logo | Kong Docs Logo
search
  • We're Hiring!
  • Docs
    • Kong Gateway
    • Kong Konnect
    • Kong Mesh
    • Plugin Hub
    • decK
    • Kubernetes Ingress Controller
    • Insomnia
    • Kuma

    • Docs contribution guidelines
  • Plugin Hub
  • Support
  • Community
  • Kong Academy
Get a Demo Start Free Trial
  • Kong Gateway
  • Kong Konnect
  • Kong Mesh
  • Plugin Hub
  • decK
  • Kubernetes Ingress Controller
  • Insomnia
  • Kuma

  • Docs contribution guidelines
  • 3.3.x (latest)
  • 3.2.x
  • 3.1.x
  • 3.0.x
  • 2.8.x
  • 2.7.x
  • 2.6.x
  • Older Enterprise versions (2.1-2.5)
  • Older OSS versions (2.1-2.5)
  • Archive (pre-2.1)

github-edit-pageEdit this page

report-issueReport an issue

enterprise-switcher-iconSwitch to OSS

On this pageOn this page
  • Prerequisites
  • Add a role and permissions
Kong Gateway
3.1.x
  • Home
  • Kong Gateway
  • Kong Manager
  • Authentication and Authorization
  • Rbac
  • Add a Role and Permissions
You are browsing documentation for an outdated version. See the latest documentation here.

Add a Role and Permissions

Roles make it easy to logically group and apply the same set of permissions to admins. Permissions may be customized in detail, down to individual actions and endpoints.

Kong Gateway includes default roles for standard use cases, e.g. inviting additional super admins, inviting admins that may only read endpoints.

This guide describes how to create a custom role in Kong Manager for a unique use case. As an alternative, if a super admin wants to create a role with the Admin API, it is possible to do so using /rbac/roles. To add permissions to the new role, use /rbac/roles/{name_or_id}/endpoints for endpoints or /rbac/roles/{name_or_id}/entities for specific entities.

Prerequisites

  • Authentication and RBAC are enabled
  • You have super admin permissions or a user that has /admins and /rbac read and write access

Add a role and permissions

  1. From the Admins page, click the Add Role button.

  2. On the Add Role form, name the Role according to the Permissions you want to grant.

    It may be helpful for future reference to include a brief comment describing the reason for the permissions or a summary of the role.

  3. Click the Add Permissions button and fill out the form. Add the endpoint permissions by marking the appropriate checkbox.

  4. Click Add Permission to Role to see the permissions listed on the form.

  5. To forbid access to certain endpoints, click Add Permission again and use the negative checkbox.

  6. Submit the form to see the new roles appear on the admins page.

Thank you for your feedback.
Was this page useful?
  • Kong
    THE CLOUD CONNECTIVITY COMPANY

    Kong powers reliable digital connections across APIs, hybrid and multi-cloud environments.

    • Company
    • Customers
    • Events
    • Investors
    • Careers Hiring!
    • Partners
    • Press
    • Contact
  • Products
    • Kong Konnect
    • Kong Gateway
    • Kong Mesh
    • Get Started
    • Pricing
  • Resources
    • eBooks
    • Webinars
    • Briefs
    • Blog
    • API Gateway
    • Microservices
  • Open Source
    • Install Kong Gateway
    • Kong Community
    • Kubernetes Ingress
    • Kuma
    • Insomnia
  • Solutions
    • Decentralize
    • Secure & Govern
    • Create a Dev Platform
    • API Gateway
    • Kubernetes
    • Service Mesh
Star
  • Terms•Privacy
© Kong Inc. 2023