basic-auth

    This works well with a . Consumers of the API can then add their key to the header to authenticate their requests.

    For Consumer:

    NOTE: encrypt_fields = {"password"} is also defined in the schema, which means that the field will be stored encrypted in etcd. See .

    NameTypeRequiredDefaultDescription
    hide_credentialsbooleanFalsefalseSet to true will not pass the authorization request headers to the Upstream.

    To enable the Plugin, you have to create a Consumer object with the authentication configuration:

    You can also use the to complete the operation through a web UI.

    Once you have created a Consumer object, you can then configure a Route or a Service to authenticate requests:

    1. curl http://127.0.0.1:9180/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
    2. {
    3.     "uri": "/hello",
    4.     "plugins": {
    6.     },
    7.     "upstream": {
    8.         "type": "roundrobin",
    9.         "nodes": {
    10.         }
    11.     }
    1. HTTP/1.1 200 OK
    2. ...
    3. hello, world

    If the request is not authorized, an error will be thrown:

    And if the user or password is not valid:

    1. HTTP/1.1 401 Unauthorized
    2. {"message":"Invalid user authorization"}

    To disable the jwt-auth Plugin, you can delete the corresponding JSON configuration from the Plugin configuration. APISIX will automatically reload and you do not have to restart for this to take effect.