|An admin is a Kong Gateway user account capable of accessing the Admin API or Kong Manager.
|Authentication is the process by which a system validates the identity of a user account.
|Authorization is the system of defining access to certain resources. In Kong Gateway, role-based access control (RBAC) is the main authorization mode.
|A list of all specs within a Dev Portal instance. This catalog can react to developer permissions, allowing a given developer to see whatever specs their role permits.
|A Kong client refers to the downstream client making requests to Kong Gateway’s proxy port. It could be another service in a distributed application, a user’s identity, a user’s browser, or a specific device.
|A consumer object represents the client of a service. A consumer is also the Admin API entity representing a developer or machine using the API.
|A unique string associated with a consumer; also referred to as an API key.
|A web application that functions as a collection of API products, specs and documentation objects. The purpose of a portal is to allow registration and consumption of services running through Kong to other teams, developers, and partners.
|Sets of role-defined entities.
|A host represents the domain hosts (using DNS) intended to receive upstream traffic. In Kong Gateway, it is a list of domain names that match a route object.
|A plugin developed, maintained, and supported by Kong.
|A permission is a policy representing the ability to create, read, update, or destroy an Admin API entity defined by endpoints.
|Plugins provide advanced functionality and extend the use of Kong Gateway, allowing you to add new features to your gateway. Plugins can be configured to run in a variety of contexts, ranging from a specific route to all upstreams. Plugins can perform operations in your environment, such as authentication, rate-limiting, or transformations on a proxied request.
|Kong Gateway is a reverse proxy that manages traffic between clients and hosts. As a gateway, Kong’s proxy functionality evaluates any incoming HTTP request against configured routes.
|Rate limiting allows you to restrict how many requests your upstream services receive from your API consumers, or how often each user can call the API. Rate limiting protects the APIs from inadvertent or malicious overuse.
|A role is a set of permissions that may be reused and assigned to admins.
|A route, also referred to as a route object, defines rules to match client requests to upstream services. Each route is associated with a service, and a service may have multiple routes associated with it. routes are entry points to upstream services.
|A service, also referred to as a service object, is the upstream APIs and microservices that Kong manages. For example, a service could be a data transformation microservice or a billing API. The main attribute of a service is its URL, the destination where Kong Gateway proxies traffic. The URL can be set as a single string, or by specifying its protocol, host, port, and path.
|A super admin, or any role with read and write access to the /admins and /rbac endpoints, creates new Roles and customize permissions. A super admin can invite and disable other admin accounts, assign and revoke roles to admins, create new roles with custom permissions, and create new workspaces.
|An OpenAPI definition of your service in YAML or JSON format. Can be uploaded to Dev Portal to share with developers in your organization.
|Tags are customer-defined labels that let you manage, search for, and filter core entities using the
?tags querystring parameter. Tags can be added when creating or editing most core entities. Each tag must be composed of one or more alphanumeric characters,
|Teams organize developers into working groups.
|Third-party or community plugin
|A custom plugin developed, maintained, and supported by an external developer, not by Kong. Kong does not test these plugins, or update their version compatibility.
|An upstream object refers to the API or service managed by Kong Gateway, to which client requests are forwarded. An upstream object represents a virtual hostname and can be used to load balance incoming requests over multiple services.
|Workspaces enable an organization to segment objects and admins into namespaces. The segmentation allows teams of admins sharing the same Kong Gateway cluster to adopt roles for interacting with specific objects.