Enable Basic Auth in the Dev Portal
The Kong Dev Portal can be fully or partially authenticated using HTTP protocol’s Basic Authentication scheme. Requests are sent with an Authorization header that contains the word Basic
followed by the base64-encoded username:password
string.
Basic Authentication for the Dev Portal can be enabled using any of the following ways:
- Enable Portal Session Config
- Enable Basic Auth Using Kong Manager
- Enable Basic Auth Using the Command Line
- Enable Basic Auth Using kong.conf
Warnings:
Enabling authentication in the Dev Portal requires use of the Sessions plugin. Developers will not be able to log in if this is not properly set. For more information, see Sessions in the Dev Portal.
When Dev Portal Authentication is enabled, content files remain unauthenticated until a role is applied to them. The exceptions are
settings.txt
anddashboard.txt
, which begin with the*
role. For more information, see Developer Roles and Content Permissions.
Enable Portal Session Config
In the Kong configuration file, set the portal_session_conf
property:
portal_session_conf={ "cookie_name":"portal_session","secret":"<CHANGE_THIS>","storage":"kong"}
If using HTTP while testing, include "cookie_secure": false
in the config:
portal_session_conf={ "cookie_name":"portal_session","secret":"<CHANGE_THIS>","storage":"kong","cookie_secure":false}
Or, if you have different subdomains for the portal_api_url
and portal_gui_host
, set the cookie_domain
and cookie_samesite
properties as follows:
portal_session_conf={ "cookie_name":"portal_session","secret":"<CHANGE_THIS>","storage":"kong","cookie_secure":false,"cookie_domain":"<.your_subdomain.com>","cookie_samesite":"off" }
See also:
For more information about portal session configuration, see Sessions.
For more information about domains and cookies in Dev Portal sessions, see Domains.
Enable Basic Auth Using Kong Manager
- Navigate to the Dev Portal’s Settings page.
- Find Authentication plugin under the Authentication tab.
- Select Basic Authentication.
- Click Save Changes.
Enable Basic Auth Using the Command Line
To patch a Dev Portal’s authentication property directly, run:
curl -X PATCH http://localhost:8001/workspaces/<WORKSPACE_NAME> \
--data "config.portal_auth=basic-auth"
Enable Basic Auth Using kong.conf
Kong allows for a default authentication plugin to be set in the Kong configuration file with the portal_auth
property.
In your kong.conf
file, set the property as follows:
portal_auth="basic-auth"
This sets all Dev Portals to use Basic Authentication by default when initialized.