Skip to main content
Version: 3.2.14.6

Authentication

For security reasons, API7 Enterprise should authenticate and authorize consumers before they access internal resources. API7 Enterprise has a flexible plugin extension system and a number of plugins for user authentication and authorization.

Key authentication is a relatively simple but widely used authentication approach. Ideally, it works in the following way:

  1. The administrator adds an authentication key (API key) to the route.
  2. API consumers add the key to the query string or headers for authentication when sending requests.

Each route can use one authentication mechanism. Do not enable multiple authentication plugins on a single route or enable authentication plugins as global rules.

API7.ai Logo

API Management for Modern Architectures with Edge, API Gateway, Kubernetes, and Service Mesh.

Product

API7 Cloud
API7 Enterprise
API Portal
Roadmap

Open Source

Apache APISIX
K8s Ingress Controller
wasm-nginx-module
Contributor Graph

Resources

Blog
Documentation
NGINX + Lua
APISIX vs Kong
APISIX vs NGINX

Company

About
Contact
Compliance Standards
Partners
Terms & Privacy
SOC2 Type IIISO 27001HIPAAGDPRRed Herring

Copyright © APISEVEN Ltd. 2019 – 2024. Apache, Apache APISIX, APISIX, and associated open source project names are trademarks of the

Apache Software Foundation