REST API supports authentication configuration for routes. Through three authentication methods: API key, JWT, and HMAC, you can verify the identity of callers, precisely control API access permissions, implement fine-grained control for multitenancy, ensure sensitive data isolation and compliant invocation, and effectively prevent unauthorized access and resource abuse. This topic describes how to configure a consumer authentication policy for REST API.
Procedure
After you enable consumer authentication, you must bind consumer authorization to the current interface. Otherwise, the interface cannot be accessed.
Cloud-native API Gateway provides two ways to configure consumer authentication: inside and outside an instance:
APIs outside an instance
Log on to the Cloud-native API Gateway console. In the left navigation pane, select API, and select a region in the top menu bar.
Click the target API. You can select the instance for which you want to configure consumer authentication from the drop-down list.
Then click the Consumer Authentication tab.
APIs inside an instance
Log on to the Cloud-native API Gateway console. In the left navigation pane, select Instance, and select a region in the top menu bar.
On the Instance page, click the ID of the target gateway instance. In the left navigation pane, select API, click the target API, and then click the Consumer Authentication tab.
Click Edit in the upper-right corner of the target interface, or on the Consumer Authentication tab, click Edit on the right side of Configuration Information, turn on Status, and select an Authentication Method.
ImportantAfter you change the consumer authentication configuration, you must republish it for the changes to take effect.
Parameter
Description
Status
Specifies whether to enable authentication. After you turn on the switch, authentication takes effect.
ImportantFor published APIs or routes, we recommend that you bind the consumer authentication policy first, wait until the authorization is completed, and then enable the policy.
Authentication Method
The authentication method used to authenticate consumers for the current interface. Currently, API key, JWT, and HMAC authentication methods are supported.
In the Consumer section, click Authorization, select a consumer from the drop-down list. You can also click Create Consumer to authorize a new consumer. Finally, click Add.
References
For more information about how to create and authorize consumers, see Create a consumer and Manage consumer authorization.
For more information about how consumers can securely access through authentication and authorization, see Configure consumer authorization and authentication.