Welcome to API Gateway Plugin Hub
Discover powerful plugins to extend and enhance Apache APISIX’s capabilities for seamless API management
AI
#
AI Aliyun Content Moderation
The ai-aliyun-content-moderation plugin supports the integration with Aliyun to check prompt inputs for risk level when proxying to LLMs, rejecting requests that exceed the threshold.
AI Prompt Template
The ai-prompt-template plugin supports pre-configured templates for user inputs to LLMs in a "fill in the blank" fashion, streamlining API management.
AI Proxy Multi
The ai-proxy-multi plugin extends the capabilities of ai-proxy with load balancing, retries, fallbacks, and health chekcs, simplying the integration with OpenAI, DeepSeek, and other OpenAI-compatible APIs.
AI RAG
The ai-rag plugin enhances LLM outputs with Retrieval-Augmented Generation (RAG), efficiently retrieving relevant documents to improve accuracy and contextual relevance in responses.
AI Rate Limiting
The ai-rate-limiting plugin enforces token-based rate limiting for LLM service requests, preventing overuse, optimizing API consumption, and ensuring efficient resource allocation.
AI Proxy
The ai-proxy plugin simplifies access to LLM and embedding models providers by converting plugin configurations into the required request format for OpenAI, DeepSeek, and other OpenAI-compatible APIs.
AI Prompt Guard
The ai-prompt-guard plugin safeguards prompts to LLM using allow/deny patterns, ensuring only approved inputs pass. It can check the latest message or full history.
AI Request Rewrite
The ai-request-rewrite plugin forwards client requests to LLM services for processing before sending them upstream, enabling AI-driven redaction, enrichment, and reformatting.
AI Prompt Decorator
The ai-prompt-decorator plugin decorates user prompts to LLMs by prefixing and appending pre-engineered prompts, streamlining API operation and content generation.
AI AWS Content Moderation
The ai-aws-content-moderation plugin supports the integration with AWS Comprehend to check prompt inputs for toxicity when proxying to LLMs, rejecting requests that exceed the threshold.
Traffic Management#
Graphql Proxy Cache
The graphql-proxy-cache plugin enables caching of responses for GraphQL queries, improving API performance.
Graphql Limit Count
The graphql-limit-count plugin employs a fixed window algorithm to restrict the rate of GraphQL requests based on the depth of queries or mutations, optimizing API performance and resource usage.
Limit Conn
The limit-conn plugin restricts the rate of requests by managing concurrent connections. Requests exceeding the threshold may be delayed or rejected, ensuring controlled API usage and preventing overload.
Limit Count
The limit-count plugin enforces API rate limiting with a fixed window algorithm, restricting requests within a time interval. Requests over the quota are rejected.
Limit Count Advanced
The limit-count-advanced plugin enforces API rate limiting with a fixed window or sliding window algorithm, restricting requests within a time window. Requests over the quota are rejected.
Limit Req
The limit-req plugin enforces API rate limiting with a leaky bucket algorithm to rate limit requests, enabling effective throttling to manage traffic flow.
OAS Validator
The oas-validator plugin ensures requests and responses comply with defined Open API schemas, enhancing API management and operational integrity.
Proxy Buffering
The proxy-buffering plugin dynamically disables NGINX proxy buffering, optimizing performance with SSE and other streaming upstream services in API gateway.
Proxy Cache
The proxy-cache plugin caches responses based on keys, supporting disk and memory caching for GET, POST, and HEAD requests, enhancing API performance.
Proxy Mirror
The proxy-mirror plugin duplicates ingress traffic to API gateway, forwarding it to a designated upstream while keeping regular services uninterrupted.
Request ID
The request-id plugin adds a unique ID to each request proxied through the API gateway, facilitating effective tracking of API requests for better API management.
Request Validation
The request-validation plugin checks requests for compliance before forwarding them to upstream services, enhancing security in API operations.
Traffic Label
The traffic-label plugin labels traffic based on user-defined rules, enabling actions based on labels and associated weights for improved API traffic management.
Traffic Split
The traffic-split plugin directs traffic to multiple upstream services based on conditions or weights, providing a flexible approach for API release strategies and traffic management.
Workflow
The workflow plugin enables conditional execution of user-defined actions on client traffic based on specific rules, allowing granular API traffic management.
Transformation#
Body Transformer
The body-transformer plugin converts request and response bodies between formats, such as JSON to XML, facilitating seamless data exchange.
Attach Consumer Label
The attach-consumer-label plugin attaches custom consumer labels to authenticated requests, for upstream services to implement additional business logics.
degraphql
The degraphql plugin enables communication with upstream GraphQL services through standard HTTP requests by mapping GraphQL queries to HTTP endpoints, simplifying API integration.
Fault Injection
The fault-injection plugin tests application resiliency by simulating controlled faults or delays, making it ideal for chaos engineering and failure condition analysis.
Exit transformer
The exit-transformer plugin customizes API gateway responses based on status codes, headers, and bodies. When set as a global plugin, it also customizes responses for non-existent routes.
gRPC Transcode
The grpc-transcode plugin converts between HTTP and gRPC requests and responses, facilitating seamless communication between different API protocols.
Mocking
The mocking plugin simulates API responses without forwarding requests to upstream services, offering customization of status codes, response bodies, headers, and more for API testing and development.
Proxy Rewrite
The proxy-rewrite plugin offers flexible options to rewrite requests that API gateway forwards to upstream services, enhancing API management.
Response Rewrite
The response-rewrite plugin allows rewriting of responses from API gateway and upstream services, providing flexibility in API responses.
SOAP
The soap plugin simplifies transformation between RESTful HTTP requests and SOAP requests, including their corresponding responses, for better API interoperability.
Authentication#
Authz Keycloak
The authz-keycloak plugin integrates with Keycloak for user authentication and authorization, enhancing API security and management.
Basic Auth
The basic-auth plugin provides basic access authentication, requiring clients to authenticate before accessing upstream resources, enhancing API security.
Forward Auth
The forward-auth plugin integrates with external authorization services, enhancing API security and access control.
HMAC Auth
The hmac-auth plugin supports HMAC authentication to ensure request integrity, preventing modifications during transmission and enhancing API security.
JWE Decrypt
The jwe-decrypt plugin decrypts JWE authorization headers in requests directed to routes or services, enhancing API security.
Key Auth
The key-auth plugin allows clients to authenticate using an authentication key before accessing upstream resources, enhancing API security measures.
JWT Auth
The jwt-auth plugin supports the use of JSON Web Token (JWT) for client authentication before accessing upstream resources, enhancing API security measures.
Multi Auth
The multi-auth plugin enables consumers using diverse authentication methods to share the same route or service, streamlining API lifecycle management.
OPA
The opa plugin integrates with Open Policy Agent, enabling unified policy definition and enforcement for authorization in API operations.
OpenID Connect
The openid-connect plugin integrates with OIDC providers like Keycloak and Auth0, simplifying user authentication in API management.
SAML Auth
The saml-auth plugin enables user authentication via SAML 2.0 in the API gateway by interacting with identity providers (IdP), enhancing API security.
Security#
ACL
The acl plugin controls access to upstream resources by verifying if the user is on the access control lists, enhancing API management.
Consumer Restriction
The consumer-restriction plugin implements access controls based on consumer name, route ID, service ID, or consumer group ID, enhancing API security.
Data Mask
The data-mask plugin removes or replaces sensitive information in request headers, bodies, and URL queries, enhancing data privacy and security.
CORS
The cors plugin enables cross-origin resource sharing, allowing servers to specify permitted origins and instructing browsers to load resources from those origins, enhancing API accessibility.
IP Restriction
The ip-restriction plugin restricts access to upstream resources based on an IP address whitelist or blacklist, improving API security.
UA Restriction
The ua-restriction plugin restricts access to upstream resources using an allowlist or denylist of user agents, preventing overload from web crawlers and enhancing API security.
Observability#
ClickHouse Logger
The clickhouse-logger plugin pushes request and response logs to ClickHouse databases in batches, allowing for customizable log formats to enhance data management.
Elasticsearch Logger
The elasticsearch-logger plugin pushes request and response logs in batches to Elasticsearch, allowing for customizable log formats to enhance data management.
Datadog
The datadog plugin integrates with Datadog, sending metrics to DogStatsD in batches to improve API monitoring and API performance tracking.
Error Log Logger
The error-log-logger plugin pushes APISIX's error logs to TCP, Apache SkyWalking, Apache Kafka, or ClickHouse servers, in batches. You can specify the severity level of which the plugin should send the corresponding logs.
Google Cloud Logging
The google-cloud-logging plugin pushes request and response logs in batches to Google Cloud Logging Service and supports the customization of log formats.
HTTP Logger
The http-logger plugin pushes request and response logs as JSON objects to HTTP(S) servers in batches, allowing for customizable log formats to enhance data management.
Kafka Logger
The kafka-logger plugin pushes request and response logs as JSON objects to Apache Kafka clusters in batches, allowing for customizable log formats to enhance data management.
Loki Logger
The Loki-Logger plugin sends request and response logs as JSON objects to Grafana Loki in batches via the Loki HTTP API, allowing for customizable log formats to enhance data management.
OpenTelemetry
The opentelemetry plugin instruments the API gateway, sending traces to the OpenTelemetry collector for monitoring API operations per OpenTelemetry specs.
Prometheus
The prometheus plugin integrates with Prometheus for metric collection and continuous monitoring, enhancing API observability.
RocketMQ Logger
The rocketmq-logger plugin pushes request and response logs as JSON objects to RocketMQ clusters in batches, allowing for customizable log formats to enhance data management.
Skywalking
The skywalking plugin integrates with Apache SkyWalking for effective request tracing, enhancing API observability.
SkyWalking Logger
The skywalking-logger pushes request and response logs as JSON objects to SkyWalking OAP server in batches, allowing for customizable log formats to enhance data management.
splunk-hec-logging
The splunk-hec-logging plugin serializes request and response context information to Splunk Event Data format and push to your Splunk HTTP Event Collector (HEC) in batches, allowing for customizable log formats to enhance data management.
syslog
The syslog plugin pushes request and response logs as JSON objects to syslog servers in batches, allowing for customizable log formats to enhance data management.
Zipkin
The zipkin plugin instruments the API gateway to send traces to Zipkin or compatible collectors like Jaeger and Apache SkyWalking, enhancing request tracing capabilities.
General#
Error Page
The error-page plugin customizes the error page displayed when APISIX encounters exceptions, enhancing user experience and business branding.
Public API
The public-api plugin exposes internal API endpoints, allowing external access while maintaining control over API management and security.
Real IP
The real-ip plugin enables the API gateway to fetch the client's real IP using the IP address from the HTTP header or query string, improving data quality.
Serverless#
AWS Lambda
The aws-lambda plugin simplifies APISIX integration with AWS Lambda and Amazon API gateway, supporting authentication via IAM user credentials and API keys.
Serverless Functions
The serverless function plugins (pre-function and post-function) allow execution of user-defined logic at the start or end of specified execution phases in API gateway.
