You are browsing documentation for an outdated version. See the latest documentation here.
Enable Basic Auth for Kong Manager
Enable basic authentication on a Kong Manager instance.
Prerequisites
You have super admin permissions or a user that has /admins
and /rbac
read and write access.
Set up basic authentication
In kong.conf, configure the following properties:
enforce_rbac = on
admin_gui_auth = basic-auth
admin_gui_session_conf = { "secret":"set-your-string-here" }
This enables RBAC, sets
basic-auth
as the authentication method, and creates a session secret.Kong Manager uses the Sessions plugin in the background. This plugin (configured with
admin_gui_session_conf
) requires a secret and is configured securely by default.- Under all circumstances, the
secret
must be manually set to a string. - If using HTTP instead of HTTPS,
cookie_secure
must be manually set tofalse
. - If using different domains for the Admin API and Kong Manager,
cookie_samesite
must be set tooff
.
Learn more about these properties in Session Security in Kong Manager, and see example configurations.
Start or reload Kong and point to the
kong.conf
file:kong start [-c /path/to/kong/conf]
Choose one of the following options:
If you created a super admin via database migration, log in to Kong Manager with the username
kong_admin
and the password set in the environment variable.If you created a super admin via the Kong Manager Teams tab as described in How to Create a Super Admin, log in with the credentials you created after accepting the email invitation.