Skip to main content

Version: 3.2.15.2

Manage Consumer Credentials

A consumer is an application or a developer that consumes your API. Enabling authentication on a service allows you to control access, requiring consumers to obtain the credentials before accessing the APIs.

Authentication plugins enabled on services act as locks on your APIs, while consumer credentials serve as the keys to unlock them. In API7 Enterprise, you need a unique username and at least one credential to set up a consumer.

Consumers can utilize multiple credentials of different types, all are treated equally for authentication purposes.

This tutorial guides you in creating a consumer and configuring authentication credentials.

Prerequisites

  1. Install API7 Enterprise.
  2. Have a running API on the gateway group.

Configure Key Authentication Credentials

  1. Select Consumers of your gateway group from the side navigation bar.
  2. Click + Add Consumer.
  3. In the dialog box, do the following:
  • In the Name field, enter Alice.
  • Click Add.
  1. Under the Credentials tab, click + Add Key Authentication Credential.
  2. In the dialog box, do the following:
  • In the Name field, enter primary-key.
  • In the Key field, enter alice-primary-key.
  • Click Add.
  1. Try again to add another Key Authentication Credential named backup-key with key alice-backup-key. All credentials are valid and can be used interchangeably for API authentication.

Below is an interactive demo that provides a hands-on introduction to configuring key authentication credential using API7 Enterprise.

Validate

See enable key authentication for APIs for instruction, and enable the Key Auth Plugin on the service level.

Then follow validate key authentication instruction.

Configure Basic Authentication Credentials

  1. Select Consumers of your gateway group from the side navigation bar.
  2. Click Add Consumer.
  3. From the dialog box, do the following:
  • In the Name field, enter Alice.
  • Click Add.
  1. Under the Credentials tab, click Basic Authentication tab, then click Add Basic Authentication Credential.
  2. From the dialog box, do the following:
  • In the Name field, enter primary-basic.
  • In the Username field, enter Alice.
  • In the Password field, enter alice-password.
  • Click Add.
  1. Try again to add another Basic Authentication Credential named backup-basic with username Alice-backup and password alice-backup-password. All credentials are valid and can be used interchangeably for API authentication.

Validate

See enable basic authentication for APIs for instruction, and enable the Key Auth Plugin on the service level.

Then follow validate basic authentication instruction.

Configure Varied Authentication Credentials

While consumers can have multiple credentials of different types, each route in a published service should be configured with only one authentication plugin. This allows consumers to access multiple routes using their preferred authentication methods.

Below is an interactive demo that provides a hands-on introduction to configuring various authentication credentials using API7 Enterprise.

  1. Select Consumers of your gateway group from the side navigation bar.
  2. Click + Add Consumer.
  3. In the dialog box, do the following:
  • In the Name field, enter John.
  • Click Add.
  1. Under the Credentials tab, click Add Key Authentication Credential.
  2. In the dialog box, do the following:
  • In the Name field, enter key-auth.
  • In the Key field, choose Manually Input, then enter john-key-auth.
  • Click Add.
  1. Under the Credentials tab, select Basic Authentication and click Add Basic Authentication Credential.
  2. In the dialog box, do the following:
  • In the Name field, enter basic-auth.
  • In the Username field, enter john.
  • In the Password field, choose Manually Input, then enter john-password.
  • Click Add.
  1. Under the Credentials tab, select JWT and click Add JWT Credential.
  2. In the dialog box, do the following:
  • In the Name field, enter jwt-auth.
  • In the Key field, enter john-jwt-key.
  • In the Algorithm field, select RS256.
  • In the Public Key field, choose Manually Input, then enter your public key.
  • Click Add.
  1. Under the Credentials tab, select HMAC Authentication and click Add HMAC Authentication Credential.
  2. In the dialog box, do the following:
  • In the Name field, enter hmac-auth.
  • In the Key ID field, enter john-key.
  • In the Secret Key field, choose Manually Input, then enter john-hmac-key.
  • Click Add.

Additional Resources


API7.ai Logo

API Management for Modern Architectures with Edge, API Gateway, Kubernetes, and Service Mesh.

Product

API7 Cloud

SOC2 Type IIISO 27001HIPAAGDPRRed Herring

Copyright © APISEVEN Ltd. 2019 – 2024. Apache, Apache APISIX, APISIX, and associated open source project names are trademarks of the

Apache Software Foundation