New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add support for externalized consumers #7657

Open

jschmid1 wants to merge 4 commits into main from feat/externalized-consumers

+93 −25

Contributor

jschmid1 commented Jul 18, 2024

Description

Testing instructions

Preview link:

Checklist

Review label added
Conditional version tags added, if applicable.


          feat: add support for externalized consumers

807eba5

netlify bot commented Jul 18, 2024 •

edited

Loading

✅ Deploy Preview for kongdocs ready!

Name	Link
🔨 Latest commit	`ac821af`
🔍 Latest deploy log	https://app.netlify.com/sites/kongdocs/deploys/66c6418e4d65f400086af23e
😎 Deploy Preview	https://deploy-preview-7657--kongdocs.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.
Lighthouse	9 paths audited Performance: 91 (🟢 up 1 from production) Accessibility: 92 (no change from production) Best Practices: 98 (🟢 up 8 from production) SEO: 91 (no change from production) PWA: - View the detailed breakdown and full score reports

To edit notification comments on pull requests, go to your Netlify site configuration.

jschmid1 added the do not merge label

Guaris added the review:general label

Guaris requested a review from lena-larionova

July 22, 2024 16:12

lena-larionova added this to the Gateway 3.8 milestone

Guaris self-assigned this


          Merge branch 'main' into feat/externalized-consumers

9bddade

Guaris marked this pull request as ready for review

August 19, 2024 16:29

Guaris requested a review from a team as a code owner

August 19, 2024 16:29

mheap reviewed

View reviewed changes

app/_hub/kong-inc/key-auth/overview/_index.md Outdated

Comment on lines 366 to 367

		- geo: null
		id: null

Member

mheap Aug 19, 2024

geo and id should be optional (default null) imo

Guaris reviewed

View reviewed changes

app/_hub/kong-inc/key-auth/overview/_index.md Outdated


		-- Dummy/Link that points to Konnect Docs when ready.

		With the `pool_id` you obtained from the previous step, you can configure the key-auth plugin to validate API keys against the Identity Service.

Contributor

Guaris Aug 19, 2024

@jschmid1 where does the pool_id come from? Konnect?

Guaris added 2 commits

August 19, 2024 14:19


          start restructuring information on this page

a89ecfc


          split out pool info into its own doc

ac821af

smritikjaggi reviewed

View reviewed changes

Contributor

smritikjaggi left a comment

We need to change all references of pools to realms, and update the field terminology

app/_hub/kong-inc/key-auth/how-to/_index.md

@@ @@ -0,0 +1,71 @@ @@
+              ---
+              nav_title:
+              title: How to configure pools

Contributor

smritikjaggi Sep 9, 2024

Change to Realms

app/_hub/kong-inc/key-auth/how-to/_index.md

		---


		With `pool_id` you can configure the key-auth plugin to validate API keys against the Identity Service.

Contributor

smritikjaggi Sep 9, 2024

Change to "realm_id"

app/_hub/kong-inc/key-auth/how-to/_index.md


		With `pool_id` you can configure the key-auth plugin to validate API keys against the Identity Service.

		### Configuring Multiple Pools

Contributor

smritikjaggi Sep 9, 2024

change to "Realms"

app/_hub/kong-inc/key-auth/how-to/_index.md


		### Configuring Multiple Pools

		In the key-auth plugin configuration, add the `pools` option as shown below:

Contributor

smritikjaggi Sep 9, 2024

change to "realms"

app/_hub/kong-inc/key-auth/how-to/_index.md

+              In the key-auth plugin configuration, add the `pools` option as shown below:
+              ```yaml
+              pools:

Contributor

smritikjaggi Sep 9, 2024

change to "identity_realms"

app/_hub/kong-inc/key-auth/how-to/_index.md

+                  type: remote
+              ```
+              In this configuration, the dataplane will initially check the local pool (LMDB) before querying the remote Identity Service.

Contributor

smritikjaggi Sep 9, 2024

cp-scoped consumers first

app/_hub/kong-inc/key-auth/how-to/_index.md


		In this configuration, the dataplane will initially check the local pool (LMDB) before querying the remote Identity Service.

		If a matching key is found in any of these pools, the request will be authenticated. If the key is not found in any of the configured pools, the request will be blocked.

Contributor

smritikjaggi Sep 9, 2024

"realms"

app/_hub/kong-inc/key-auth/how-to/_index.md


		If a matching key is found in any of these pools, the request will be authenticated. If the key is not found in any of the configured pools, the request will be blocked.

		### Configuring Single Pools

Contributor

smritikjaggi Sep 9, 2024

Single Realm

app/_hub/kong-inc/key-auth/how-to/_index.md


		### Configuring Single Pools

		It is also possible to configure only a single pool, either local or remote. However, only one of each type can be configured.

Contributor

smritikjaggi Sep 9, 2024

change pool to realm
change "either local or remote" to "consumers can be scoped to the geo or cp".

app/_hub/kong-inc/key-auth/how-to/_index.md


		It is also possible to configure only a single pool, either local or remote. However, only one of each type can be configured.

		To configure only a remote pool:

Contributor

smritikjaggi Sep 9, 2024

change "remote pool" to "realm"

lena-larionova removed this from the Gateway 3.8 milestone

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

do not merge review:general