Skip to main content
Version: Next

ApisixConsumer

ApisixConsumer is a Kubernetes CRD object that provides a spec to create an APISIX consumer and uniquely identify using any of the available authentication plugins.

note

Currently only authentication plugins are supported with ApisixConsumer CRD.

Usage#

The example below shows how you can configure an ApisixConsumer resource with keyAuth plugin:

apiVersion: apisix.apache.org/v2
kind: ApisixConsumer
metadata:
name: jack
spec:
authParameter:
keyAuth:
value:
key: "auth-one"

You can then enable key-auth plugin on a route and use this consumer.

apiVersion: apisix.apache.org/v2
kind: ApisixRoute
metadata:
name: httpbin-route
spec:
http:
- name: route-1
match:
hosts:
- httpbin.org
paths:
- /*
backends:
- serviceName: httpbin
servicePort: 80
authentication:
enable: true
type: keyAuth

Now if you send a request without the API key, you will get a response with 401 Unauthorized.

curl http://127.0.0.1:9080/headers -H 'Host: httpbin.org'

It should output:

{"message":"Missing API key found in request"}

But if you pass the key as configured in the ApisixConsumer resource, the request passes.

curl -H "Host: httpbin.org" -H "apiKey: auth-one" http://127.0.0.1:9080/headers

It should output:

{
"headers": {
"Accept": "*/*",
"Apikey": "auth-one",
"Host": "httpbin.org",
"User-Agent": "curl/8.1.2",
"X-Forwarded-Host": "httpbin.org"
}
}

Similarly you can use other authentication plugins with ApisixConsumer. See reference for the full API documentation.