Skip to main content
Version: Next

ApisixConsumer

ApisixConsumer is a Kubernetes CRD object that provides a spec to create an APISIX consumer and uniquely identify using any of the available authentication plugins.

note

Currently only authentication plugins are supported with ApisixConsumer CRD.

Usage#

The example below shows how you can configure an ApisixConsumer resource with keyAuth plugin:

apiVersion: apisix.apache.org/v2
kind: ApisixConsumer
metadata:
  name: jack
spec:
  authParameter:
    keyAuth:
      value:
        key: "auth-one"

You can then enable key-auth plugin on a route and use this consumer.

apiVersion: apisix.apache.org/v2
kind: ApisixRoute
metadata:
  name: httpbin-route
spec:
  http:
    - name: route-1
      match:
        hosts:
          - httpbin.org
        paths:
          - /*
      backends:
        - serviceName: httpbin
          servicePort: 80
      authentication:
        enable: true
        type: keyAuth

Now if you send a request without the API key, you will get a response with 401 Unauthorized.

curl http://127.0.0.1:9080/headers -H 'Host: httpbin.org'

It should output:

{"message":"Missing API key found in request"}

But if you pass the key as configured in the ApisixConsumer resource, the request passes.

curl -H "Host: httpbin.org" -H "apiKey: auth-one" http://127.0.0.1:9080/headers

It should output:

{
  "headers": {
    "Accept": "*/*", 
    "Apikey": "auth-one", 
    "Host": "httpbin.org", 
    "User-Agent": "curl/8.1.2", 
    "X-Forwarded-Host": "httpbin.org"
  }
}

Similarly you can use other authentication plugins with ApisixConsumer. See reference for the full API documentation.