All Products
Search

This Product

    API Gateway:Create a consumer

    Document Center

    API Gateway:Create a consumer

    Last Updated:Dec 03, 2025

    AI Gateway uses consumers to authenticate routes and APIs. This topic describes how to create and manage consumers in the AI Gateway console.

    Procedure

    1. Log on to the AI Gateway console.

    2. In the navigation pane on the left, choose Consumers. In the top menu bar, select a region.

    3. In the upper-left corner of the Consumers page, click Create Consumer.

    4. On the Create Consumer page, enter a consumer name, select an authentication method, and click Create.

      API Key authentication

      The following table describes the parameters:

      Configuration Item

      Description

      Consumer Name

      The custom name of the consumer.

      Status

      The status of the consumer. It can be Enabled or Disabled. After you create the consumer, you can manually enable or disable it.

      Description

      The description of the consumer.

      Authentication Method

      The authentication methods supported by the consumer. Currently, JWT and API Key are supported.

      Generation Method

      • System-generated: The system automatically generates an API key credential.

      • Custom: Specify a custom API key credential and its source.

      Credential

      The custom API key credential.

      Credential Source

      The location in the request from which the gateway fetches the credential. The following locations are supported:

      • Authorization: Bearer <token>

      • Custom HTTP Header

      • Custom Query Parameters

      JWT authentication

      The following table describes the parameters:

      Configuration Item

      Description

      Consumer Name

      The custom name of the consumer.

      Status

      The status of the consumer. It can be Enabled or Disabled. After you create the consumer, you can manually enable or disable it.

      Description

      The description of the consumer.

      Authentication Method

      The authentication methods supported by the consumer. Currently, JWT and API Key are supported.

      Key Type

      • Symmetric Key: A default JSON Web Key Set (JWKS) configuration is generated. This configuration is unique for each consumer and contains the key used to encrypt or decrypt the token.

      • Asymmetric Key: You must enter a complete JWKS configuration. Use the private key to encrypt the token. The gateway uses the public key configured in the JWKS for decryption.

      JWKS

      For more information about JWKS specifications, see JSON Web Key (JWK).

      JWKS Token Configuration

      • Type: The type of the token parameter. The default is Header.

      • Key: The name of the token parameter.

      • Prefix: The prefix of the token parameter name. Configure the token parameter information that requires verification. By default, the token is placed in the Authorization Header with the Bearer prefix. For example: Authorization: Bearer token.

      • Enable Passthrough: Select this option to pass the token parameter to the backend service.

      Consumer Identity in JWKS Payload

      Specify the key and its corresponding value from the JWKS payload to identify the current consumer. By default, a key-value pair is provided where the key is uid and the value is a random string. You can modify them as needed.

      The following code shows a sample payload configuration:

      {
  "uid": "11215ac069234abcb8944232b79ae711"
}