sshniro edited a comment on issue #1243: request help: How to white-list 
consumers for the Keyauth plugin
URL: 
https://github.com/apache/incubator-apisix/issues/1243#issuecomment-603065789
 
 
   Yes, Agree @soulsoul 
   I think this can be a separate Access Control Plugin.
   
   This is the scenario I have and I assume this can be a common scenario as 
well.
   
   We are proxying device data through REST and MQTT and we provide a token to 
the device. The problem with the current implementation is, if the device has a 
valid token/key then it can publish data to any route. We need a way to 
control it.
   
   @membphis This is how the implementation will look:
   
   ```bash
   
   curl http://127.0.0.1:9080/apisix/admin/consumers  -X PUT -d '
   {
       "username": "device1",
       "plugins": {
           "key-auth": {
               "key": "keytodeviceone"
           }
       }
   }'
   
   curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d '
   {
       "uri": "/device1publishroute",
       "id": 1,
       "plugins": {
           "key-auth": {},
           "acl-plugin": ["device1", "device2", "user1", "user2"]
       },
       "upstream": {
           "type": "roundrobin",
           "nodes": {
               "39.97.63.215:80": 1
           }
       }
   }'
   ```
   The ACL plugin should be executed after the keyauth plugin.
   
   
   

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
[email protected]


With regards,
Apache Git Services
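
The check proposed in the comment above, modelled as an added example (not code from the issue or from APISIX): key-auth resolves the consumer from the key, then the route's whitelist decides, and the whitelist fails closed if it runs before any consumer is known. The `device9` consumer, the `/open` route, and the function names are assumptions made for illustration.

```python
# Model of the proposal: key-auth resolves the consumer, then a per-route
# whitelist decides. Names and data below are constructed for illustration.

CONSUMERS = {  # API key -> consumer username (as in the comment's consumer object)
    "keytodeviceone": "device1",
    "keytodevicenine": "device9",  # constructed: valid key, not whitelisted
}

ROUTES = {  # uri -> plugin config, mirroring the proposed route object
    "/device1publishroute": {
        "key-auth": {},
        "acl-plugin": ["device1", "device2", "user1", "user2"],
    },
    "/open": {"key-auth": {}},  # constructed: route with no whitelist
}


def key_auth(conf, ctx):
    """Authentication: map the presented key to a consumer, else 401."""
    consumer = CONSUMERS.get(ctx.get("apikey"))
    if consumer is None:
        return 401
    ctx["consumer"] = consumer
    return None


def acl(conf, ctx):
    """Authorization: fail closed if no consumer was authenticated yet."""
    consumer = ctx.get("consumer")
    if consumer is None or consumer not in conf:
        return 403
    return None


# Execution order matters: the whitelist needs the identity key-auth sets.
CHAIN = [("key-auth", key_auth), ("acl-plugin", acl)]


def handle(uri, apikey, chain=CHAIN):
    """Run the route's enabled plugins in chain order; return the HTTP status."""
    plugins = ROUTES.get(uri)
    if plugins is None:
        return 404
    ctx = {"apikey": apikey}
    for name, phase in chain:
        if name in plugins:
            status = phase(plugins[name], ctx)
            if status is not None:
                return status
    return 200  # request would be proxied to the upstream
```

Passing a reversed chain to `handle` shows why the ordering requirement matters: the whitelist then sees no consumer and rejects even `device1`.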
