ikatlinsky opened a new issue, #8615: URL: https://github.com/apache/apisix/issues/8615
### Description Have a question regarding the authentication capabilities of the apisix. We have the following use case: 1. Client that needs to authenticate in apisix with one set of credentials to access Route 2. Route is configured to the Upstream 3. Upstream endpoint requires its own authentication mechanism For example, to access the apisix route we want to use Keycloak open id authentication and the upstream endpoint requires basic authentication. Currently, we can use a set of plugins from [here](https://apisix.apache.org/docs/apisix/getting-started/) to authenticate on Route level, but there is no ability to configure authentication on upstream level. We managed to complete this task by adding an additional plugin `serverless-pre-function` to rewrite headers using lua scripts before passing requests to the upstream, but this approach seems to be complicated. Is there any best practice regarding described use case? ### Environment - APISIX version (run `apisix version`): 3.1.0 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
