I see the key-auth plugin doc from https://github.com/apache/incubator-apisix/blob/master/doc/plugins/key-auth-cn.md says that:
curl -i http://127.0.0.1:9180/apisix/admin/consumers -X PUT -d ' { "username": "jack", "plugins": { "key-auth": { "key": "auth-one" } } }' curl -i http://127.0.0.1:9180/apisix/admin/routes/115 -X PUT -d ' { "methods": ["GET","HEAD"], "uri": "/kat", "plugins": { "key-auth": {} }, "upstream": { "type": "roundrobin", "nodes": { "127.0.0.1:8086": 10 } } }' # curl -I http://127.0.0.1:9080/kat -H 'apikey: auth-one' HTTP/1.1 404 Not Found # curl -I http://127.0.0.1:9080/kat HTTP/1.1 401 Unauthorized curl -i http://127.0.0.1:9180/apisix/admin/consumers -X PUT -d ' { "username": "jack1", "plugins": { "key-auth": { "key": "auth-one1" } } }' curl -i http://127.0.0.1:9180/apisix/admin/routes/116 -X PUT -d ' { "methods": ["GET","HEAD"], "uri": "/kat1", "plugins": { "key-auth": {} }, "upstream": { "type": "roundrobin", "nodes": { "127.0.0.1:8086": 10 } } }' # curl -I http://127.0.0.1:9080/kat1 HTTP/1.1 401 Unauthorized # curl -I http://127.0.0.1:9080/kat1 -H 'apikey: auth-one1' HTTP/1.1 404 Not Found # curl -I http://127.0.0.1:9080/kat1 -H 'apikey: auth-one' HTTP/1.1 404 Not Found ---- Now using `apikey: auth-one` and 'apikey: auth-one1' in header could access url `http://127.0.0.1:9080/kat1` and `http://127.0.0.1:9080/kat`. How to set up key-auth rules just like : `apikey: auth-one` ----> `http://127.0.0.1:9080/kat` ----> http 200 ----> `http://127.0.0.1:9080/kat1` ----> http 401 `apikey: auth-one1` ----> `http://127.0.0.1:9080/kat1` ----> http 200 ----> `http://127.0.0.1:9080/kat` ----> http 401 What's more, why we should set a blank key-auth plugin for routes like: "plugins": { "key-auth": {} } other than: "plugins": { "key-auth": "jack" # or "jack1" from `username` of consumers }
