Basic Authentication Configuration - Plugin - v2.8.x

You are browsing documentation for an outdated plugin version.

Configuration

This plugin is partially compatible with DB-less mode.

Consumers and Credentials can be created with declarative configuration.

Admin API endpoints which do POST, PUT, PATCH or DELETE on Credentials are not available on DB-less mode.

The Basic Authentication plugin is compatible with the following protocols:

grpc, grpcs, http, https

Here's a list of all the parameters which can be used in this plugin's configuration:

name or plugin

string required
The name of the plugin, in this case basic-auth.
- If using the Kong Admin API, Konnect API, declarative configuration, or decK files, the field is name.
- If using the KongPlugin object in Kubernetes, the field is plugin.
service.name or service.id

string

The name or ID of the service the plugin targets. Set one of these parameters if adding the plugin to a service through the top-level /plugins endpoint. Not required if using /services/{serviceName|Id}/plugins.
route.name or route.id

string

The name or ID of the route the plugin targets. Set one of these parameters if adding the plugin to a route through the top-level /plugins endpoint. Not required if using /routes/{routeName|Id}/plugins.
enabled

boolean default: true

Whether this plugin will be applied.
config

record required
- anonymous
  
  string
  
  An optional string (consumer UUID) value to use as an anonymous consumer if authentication fails. If empty (default), the request will fail with an authentication failure 4xx. Note that this value must refer to the consumer id attribute that is internal to Kong, and not its custom_id.
- hide_credentials
  
  boolean required default: false
  
  An optional boolean value telling the plugin to show or hide the credential from the upstream service. If true, the plugin will strip the credential from the request (i.e. the Authorization header) before proxying it.

Previous Basic Authentication