Enable Basic Auth for Kong Manager
Enable basic authentication on a Kong Manager instance.
Prerequisites
You have super admin permissions
or a user that has /admins
and /rbac
read and write access.
Set up basic authentication
-
In
kong.conf
, configure the following properties:enforce_rbac = on admin_gui_auth = basic-auth admin_gui_session_conf = { "secret":"set-your-string-here" }
This enables RBAC, sets
basic-auth
as the authentication method, and creates a session secret.Kong Manager uses the Sessions plugin in the background. This plugin (configured with
admin_gui_session_conf
) requires a secret and is configured securely by default.- Under all circumstances, the
secret
must be manually set to a string. - If using HTTP instead of HTTPS,
cookie_secure
must be manually set tofalse
. - If using different domains for the Admin API and Kong Manager,
cookie_same_site
must be set toLax
.
Learn more about these properties in Session Security in Kong Manager, and see example configurations.
- Under all circumstances, the
-
Start or reload Kong and point to the
kong.conf
file:kong start [-c /path/to/kong/conf]
-
Choose one of the following options:
-
If you created a super admin via database migration, log in to Kong Manager with the username
kong_admin
and the password set in the environment variable. -
If you created a super admin via the Kong Manager Teams tab as described in How to Create a Super Admin, log in with the credentials you created after accepting the email invitation.
-