This is an automated email from the ASF dual-hosted git repository.
kayx23 pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/apisix.git
The following commit(s) were added to refs/heads/master by this push:
new eb31ea4c7 docs: remove stale admin key default examples (#13448)
eb31ea4c7 is described below
commit eb31ea4c741b7f871789d28549004ab46cc48c05
Author: Traky Deng <[email protected]>
AuthorDate: Wed Jun 3 17:33:26 2026 +0800
docs: remove stale admin key default examples (#13448)
---
docs/en/latest/FAQ.md | 16 ++++++++--------
docs/en/latest/admin-api.md | 18 +++++++++---------
docs/en/latest/certificate.md | 2 +-
docs/en/latest/dashboard.md | 4 ++--
docs/en/latest/plugins/authz-casdoor.md | 11 ++++++++++-
docs/en/latest/plugins/csrf.md | 2 +-
docs/en/latest/terminology/plugin-config.md | 2 +-
docs/en/latest/tutorials/cache-api-responses.md | 4 ++--
docs/en/latest/tutorials/client-to-apisix-mtls.md | 22 +++++++++++-----------
docs/en/latest/tutorials/expose-api.md | 17 +++++++++++++----
.../latest/tutorials/monitor-api-health-check.md | 15 ++++++++++++---
.../latest/tutorials/websocket-authentication.md | 13 +++++++++++--
docs/zh/latest/FAQ.md | 6 +++---
docs/zh/latest/admin-api.md | 10 +++++-----
docs/zh/latest/certificate.md | 2 +-
docs/zh/latest/dashboard.md | 4 ++--
docs/zh/latest/plugins/authz-casdoor.md | 12 +++++++++++-
docs/zh/latest/plugins/csrf.md | 2 +-
docs/zh/latest/plugins/gm.md | 2 +-
docs/zh/latest/tutorials/cache-api-responses.md | 4 ++--
docs/zh/latest/tutorials/client-to-apisix-mtls.md | 14 ++++++++++++--
docs/zh/latest/tutorials/expose-api.md | 17 +++++++++++++----
22 files changed, 132 insertions(+), 67 deletions(-)
diff --git a/docs/en/latest/FAQ.md b/docs/en/latest/FAQ.md
index faa0e5adb..96c3f3a0c 100644
--- a/docs/en/latest/FAQ.md
+++ b/docs/en/latest/FAQ.md
@@ -447,17 +447,17 @@ HTTP/1.1 200 OK
## What is the `X-API-KEY` of the Admin API? Can it be modified?
-`X-API-KEY` of the Admin API refers to the `apisix.admin_key.key` in your
`conf/config.yaml` file. It is the access token for the Admin API.
+`X-API-KEY` of the Admin API refers to `deployment.admin.admin_key[0].key` in
your `conf/config.yaml` file. It is the access token for the Admin API.
-By default, it is set to `edd1c9f034335f136f87ad84b625c8f1` and can be
modified by changing the parameter in your `conf/config.yaml` file:
+In the default configuration, this field is empty. APISIX generates a random
Admin API key during initialization and writes it back to `conf/config.yaml`.
You can also set the key explicitly by changing the parameter in your
`conf/config.yaml` file:
```yaml
-apisix:
- admin_key
- -
- name: "admin"
- key: newkey
- role: admin
+deployment:
+ admin:
+ admin_key:
+ - name: "admin"
+ key: newkey
+ role: admin
```
Now, to access the Admin API:
diff --git a/docs/en/latest/admin-api.md b/docs/en/latest/admin-api.md
index 21f416b71..31496f1aa 100644
--- a/docs/en/latest/admin-api.md
+++ b/docs/en/latest/admin-api.md
@@ -54,7 +54,7 @@ deployment:
admin:
admin_key:
- name: admin
- key: edd1c9f034335f136f87ad84b625c8f1 # using fixed API token has
security risk, please update it when you deploy to production environment
+ key: your-admin-key # set a secure Admin API key; if left empty,
APISIX will generate one during initialization and write it back to this file
role: admin
allow_admin: #
http://nginx.org/en/docs/http/ngx_http_access_module.html#allow
- 127.0.0.0/24
@@ -92,7 +92,7 @@ deployment:
admin:
admin_key:
- name: admin
- key: ${{ADMIN_KEY:=edd1c9f034335f136f87ad84b625c8f1}}
+ key: ${{ADMIN_KEY:=your-admin-key}}
role: admin
allow_admin:
- 127.0.0.0/24
@@ -101,7 +101,7 @@ deployment:
port: 9180
```
-This will find the environment variable `ADMIN_KEY` first, and if it does not
exist, it will use `edd1c9f034335f136f87ad84b625c8f1` as the default value.
+This will find the environment variable `ADMIN_KEY` first, and if it does not
exist, it will use the fallback value you provided in the configuration.
You can also specify environment variables in yaml keys. This is specifically
useful in the `standalone` [mode](./deployment-modes.md#standalone) where you
can specify the upstream nodes as follows:
@@ -752,7 +752,7 @@ Example configuration:
```shell
curl http://127.0.0.1:9180/apisix/admin/services/201 \
- -H'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PATCH -i -d '
+ -H'X-API-KEY: your-admin-key' -X PATCH -i -d '
{
"upstream": {
"nodes": {
@@ -780,7 +780,7 @@ Example configuration:
```shell
curl http://127.0.0.1:9180/apisix/admin/services/201 \
- -H'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PATCH -i -d '
+ -H'X-API-KEY: your-admin-key' -X PATCH -i -d '
{
"upstream": {
"nodes": {
@@ -807,7 +807,7 @@ Example configuration:
```shell
curl http://127.0.0.1:9180/apisix/admin/services/201/upstream/nodes \
- -H'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PATCH -i -d '
+ -H'X-API-KEY: your-admin-key' -X PATCH -i -d '
{
"127.0.0.1:1982": 1
}'
@@ -1125,7 +1125,7 @@ Example Configuration:
```shell
curl http://127.0.0.1:9180/apisix/admin/upstreams/100 \
- -H'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PATCH -i -d '
+ -H'X-API-KEY: your-admin-key' -X PATCH -i -d '
{
"nodes": {
"127.0.0.1:1981": 10
@@ -1489,7 +1489,7 @@ The plugin can be filtered on subsystem so that the
({plugin_name}) is searched
```shell
curl "http://127.0.0.1:9180/apisix/admin/plugins/list" \
--H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'
+-H 'X-API-KEY: your-admin-key'
```
```shell
@@ -1497,7 +1497,7 @@ curl "http://127.0.0.1:9180/apisix/admin/plugins/list" \
```
```shell
-curl "http://127.0.0.1:9180/apisix/admin/plugins/key-auth?subsystem=http" -H
'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'
+curl "http://127.0.0.1:9180/apisix/admin/plugins/key-auth?subsystem=http" -H
'X-API-KEY: your-admin-key'
```
```json
diff --git a/docs/en/latest/certificate.md b/docs/en/latest/certificate.md
index 8916b667b..8d18bc5a4 100644
--- a/docs/en/latest/certificate.md
+++ b/docs/en/latest/certificate.md
@@ -237,7 +237,7 @@ deployment:
admin:
admin_key
- name: admin
- key: edd1c9f034335f136f87ad84b625c8f1
+ key: your-admin-key
role: admin
admin_listen:
ip: 127.0.0.1
diff --git a/docs/en/latest/dashboard.md b/docs/en/latest/dashboard.md
index 27239c701..f12a4bf79 100644
--- a/docs/en/latest/dashboard.md
+++ b/docs/en/latest/dashboard.md
@@ -73,8 +73,8 @@ deployment:
-
name: admin
role: admin
- # Using a simple Admin API Key poses security risks. Please update it
when deploying to production
- key: edd1c9f034335f136f87ad84b625c8f1
+ # Set a secure Admin API Key. If left empty, APISIX will generate one
during initialization and write it back to this file.
+ key: your-admin-key
```
Configuration via environment variables is also supported:
diff --git a/docs/en/latest/plugins/authz-casdoor.md
b/docs/en/latest/plugins/authz-casdoor.md
index e85ef186e..a61e7a8de 100644
--- a/docs/en/latest/plugins/authz-casdoor.md
+++ b/docs/en/latest/plugins/authz-casdoor.md
@@ -59,8 +59,17 @@ The `callback_url` must belong to the URI of your Route. See
the code snippet be
You can enable the Plugin on a specific Route as shown below:
+:::note
+You can fetch the `admin_key` from `config.yaml` and save to an environment
variable with the following command:
+
+```bash
+admin_key=$(yq '.deployment.admin.admin_key[0].key' conf/config.yaml | sed
's/"//g')
+```
+
+:::
+
```shell
-curl "http://127.0.0.1:9180/apisix/admin/routes/1" -H "X-API-KEY:
edd1c9f034335f136f87ad84b625c8f1" -X PUT -d '
+curl "http://127.0.0.1:9180/apisix/admin/routes/1" -H "X-API-KEY: $admin_key"
-X PUT -d '
{
"methods": ["GET"],
"uri": "/anything/*",
diff --git a/docs/en/latest/plugins/csrf.md b/docs/en/latest/plugins/csrf.md
index 2f45e23b6..411b1b41d 100644
--- a/docs/en/latest/plugins/csrf.md
+++ b/docs/en/latest/plugins/csrf.md
@@ -63,7 +63,7 @@ curl -i http://127.0.0.1:9180/apisix/admin/routes/1 -H
"X-API-KEY: $admin_key" -
"uri": "/hello",
"plugins": {
"csrf": {
- "key": "edd1c9f034335f136f87ad84b625c8f1"
+ "key": "csrf-secret-key"
}
},
"upstream": {
diff --git a/docs/en/latest/terminology/plugin-config.md
b/docs/en/latest/terminology/plugin-config.md
index 88476d44a..da2a1379a 100644
--- a/docs/en/latest/terminology/plugin-config.md
+++ b/docs/en/latest/terminology/plugin-config.md
@@ -62,7 +62,7 @@ curl http://127.0.0.1:9180/apisix/admin/plugin_configs/1 \
```shell
curl http://127.0.0.1:9180/apisix/admin/routes/1 \
--H 'X-API-KEY:edd1c9f034335f136f87ad84b625c8f1' -X PUT -i -d '
+-H "X-API-KEY: $admin_key" -X PUT -i -d '
{
"uris": ["/index.html"],
"plugin_config_id": 1,
diff --git a/docs/en/latest/tutorials/cache-api-responses.md
b/docs/en/latest/tutorials/cache-api-responses.md
index 9ee23f888..717d44512 100644
--- a/docs/en/latest/tutorials/cache-api-responses.md
+++ b/docs/en/latest/tutorials/cache-api-responses.md
@@ -116,7 +116,7 @@ curl http://127.0.0.1:9180/apisix/admin/plugins/reload -H
"X-API-KEY: $admin_key
Then, we run two more curl commands to configure an Upstream and Route for the
`/api/products` endpoint. The following command creates a sample upstream
(that's our API Server):
``` shell
-curl "http://127.0.0.1:9180/apisix/admin/upstreams/1" -H "X-API-KEY:
edd1c9f034335f136f87ad84b625c8f1" -X PUT -d '
+curl "http://127.0.0.1:9180/apisix/admin/upstreams/1" -H "X-API-KEY:
$admin_key" -X PUT -d '
{
"type": "roundrobin",
"nodes": {
@@ -128,7 +128,7 @@ curl "http://127.0.0.1:9180/apisix/admin/upstreams/1" -H
"X-API-KEY: edd1c9f0343
Next, we will add a new route with caching ability by setting `proxy-cache`
plugin in `plugins` property and giving a reference to the upstream service by
its unique id to forward requests to the API server:
``` shell
-curl "http://127.0.0.1:9180/apisix/admin/routes/1" -H "X-API-KEY:
edd1c9f034335f136f87ad84b625c8f1" -X PUT -d '{
+curl "http://127.0.0.1:9180/apisix/admin/routes/1" -H "X-API-KEY: $admin_key"
-X PUT -d '{
"name": "Route for API Caching",
"methods": [
"GET"
diff --git a/docs/en/latest/tutorials/client-to-apisix-mtls.md
b/docs/en/latest/tutorials/client-to-apisix-mtls.md
index ef0ac7149..9bd7f9d6f 100644
--- a/docs/en/latest/tutorials/client-to-apisix-mtls.md
+++ b/docs/en/latest/tutorials/client-to-apisix-mtls.md
@@ -74,9 +74,18 @@ Note that the newline character in the certificate needs to
be replaced with its
:::
+:::note
+You can fetch the `admin_key` from `config.yaml` and save it to an environment
variable with the following command:
+
+```bash
+admin_key=$(yq '.deployment.admin.admin_key[0].key' conf/config.yaml | sed
's/"//g')
+```
+
+:::
+
```shell
curl -X PUT 'http://127.0.0.1:9180/apisix/admin/ssls/1' \
---header 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' \
+--header 'X-API-KEY: $admin_key' \
--header 'Content-Type: application/json' \
--data-raw '{
"sni": "test.com",
@@ -99,7 +108,7 @@ Use the `curl` command to request the APISIX Admin API to
create a route.
```shell
curl -X PUT 'http://127.0.0.1:9180/apisix/admin/routes/1' \
---header 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' \
+--header 'X-API-KEY: $admin_key' \
--header 'Content-Type: application/json' \
--data-raw '{
"uri": "/anything",
@@ -206,15 +215,6 @@ instead of alert error in the SSL handshake phase, if the
client certificate is
### Example
-:::note
-You can fetch the `admin_key` from `config.yaml` and save to an environment
variable with the following command:
-
-```bash
-admin_key=$(yq '.deployment.admin.admin_key[0].key' conf/config.yaml | sed
's/"//g')
-```
-
-:::
-
1. Configure route and ssl via admin API
```bash
diff --git a/docs/en/latest/tutorials/expose-api.md
b/docs/en/latest/tutorials/expose-api.md
index cab143a25..69eb4ea74 100644
--- a/docs/en/latest/tutorials/expose-api.md
+++ b/docs/en/latest/tutorials/expose-api.md
@@ -56,9 +56,18 @@ Please make sure you have [installed Apache
APISIX](../installation-guide.md) be
Create an Upstream service containing `httpbin.org` that you can use for
testing. This is a return service that will return the parameters we passed in
the request.
+:::note
+You can fetch the `admin_key` from `config.yaml` and save it to an environment
variable with the following command:
+
+```bash
+admin_key=$(yq '.deployment.admin.admin_key[0].key' conf/config.yaml | sed
's/"//g')
+```
+
+:::
+
```
curl "http://127.0.0.1:9180/apisix/admin/upstreams/1" \
--H "X-API-KEY: edd1c9f034335f136f87ad84b625c8f1" -X PUT -d '
+-H "X-API-KEY: $admin_key" -X PUT -d '
{
"type": "roundrobin",
"nodes": {
@@ -67,7 +76,7 @@ curl "http://127.0.0.1:9180/apisix/admin/upstreams/1" \
}'
```
-In this command, we specify the Admin API Key of Apache APISIX as
`edd1c9f034335f136f87ad84b625c8f1`, use `roundrobin` as the load balancing
mechanism, and set `httpbin.org:80` as the upstream service. To bind this
upstream to a route, `upstream_id` needs to be set to `1` here. Here you can
specify multiple upstreams under `nodes` to achieve load balancing.
+In this command, we use the Admin API key stored in `$admin_key`, use
`roundrobin` as the load balancing mechanism, and set `httpbin.org:80` as the
upstream service. To bind this upstream to a route, `upstream_id` needs to be
set to `1` here. Here you can specify multiple upstreams under `nodes` to
achieve load balancing.
For more information, please refer to [Upstream](../terminology/upstream.md).
@@ -75,7 +84,7 @@ For more information, please refer to
[Upstream](../terminology/upstream.md).
```shell
curl "http://127.0.0.1:9180/apisix/admin/routes/1" \
--H "X-API-KEY: edd1c9f034335f136f87ad84b625c8f1" -X PUT -d '
+-H "X-API-KEY: $admin_key" -X PUT -d '
{
"methods": ["GET"],
"host": "example.com",
@@ -90,7 +99,7 @@ Adding an `upstream` object to your route can achieve the
above effect.
```shell
curl "http://127.0.0.1:9180/apisix/admin/routes/1" \
--H "X-API-KEY: edd1c9f034335f136f87ad84b625c8f1" -X PUT -d '
+-H "X-API-KEY: $admin_key" -X PUT -d '
{
"methods": ["GET"],
"host": "example.com",
diff --git a/docs/en/latest/tutorials/monitor-api-health-check.md
b/docs/en/latest/tutorials/monitor-api-health-check.md
index 84edad340..bd812074f 100644
--- a/docs/en/latest/tutorials/monitor-api-health-check.md
+++ b/docs/en/latest/tutorials/monitor-api-health-check.md
@@ -52,8 +52,17 @@ To check API health periodically, APISIX needs an HTTP path
of the health endpoi
This process involves checking the operational status of the 'upstream' nodes.
APISIX provides two types of health checks: **Active checks** and **Passive
Checks** respectively. Read more about Health Checks and how to enable them
[here](https://apisix.apache.org/docs/apisix/tutorials/health-check/). Use the
[Admin API](https://apisix.apache.org/docs/apisix/admin-api/) to create an
Upstream object. Here is an example of creating an
[Upstream](https://apisix.apache.org/docs/apisix/termino [...]
+:::note
+You can fetch the `admin_key` from `config.yaml` and save it to an environment
variable with the following command:
+
+```bash
+admin_key=$(yq '.deployment.admin.admin_key[0].key' conf/config.yaml | sed
's/"//g')
+```
+
+:::
+
```bash
-curl "http://127.0.0.1:9180/apisix/admin/upstreams/1" -H "X-API-KEY:
edd1c9f034335f136f87ad84b625c8f1" -X PUT -d '
+curl "http://127.0.0.1:9180/apisix/admin/upstreams/1" -H "X-API-KEY:
$admin_key" -X PUT -d '
{
"nodes":{
"web1:80":1,
@@ -86,7 +95,7 @@ This example configures an active health check on the
**`/health`** endpoint of
Create a global rule to enable the `prometheus` plugin on all routes by adding
`"prometheus": {}` in the plugins option. APISIX gathers internal runtime
metrics and exposes them through port `9091` and URI path
`/apisix/prometheus/metrics` by default that Prometheus can scrape. It is also
possible to customize the export port and **URI path**, **add** **extra labels,
the frequency of these scrapes, and other parameters** by configuring them in
the Prometheus configuration `/prometheus_co [...]
```bash
-curl "http://127.0.0.1:9180/apisix/admin/global_rules" -H "X-API-KEY:
edd1c9f034335f136f87ad84b625c8f1" -X PUT -d '
+curl "http://127.0.0.1:9180/apisix/admin/global_rules" -H "X-API-KEY:
$admin_key" -X PUT -d '
{
"id":"rule-for-metrics",
"plugins":{
@@ -101,7 +110,7 @@ curl "http://127.0.0.1:9180/apisix/admin/global_rules" -H
"X-API-KEY: edd1c9f034
Create a [Route](https://apisix.apache.org/docs/apisix/terminology/route/)
object to route incoming requests to upstream nodes:
```bash
-curl "http://127.0.0.1:9180/apisix/admin/routes/1" -H "X-API-KEY:
edd1c9f034335f136f87ad84b625c8f1" -X PUT -d '
+curl "http://127.0.0.1:9180/apisix/admin/routes/1" -H "X-API-KEY: $admin_key"
-X PUT -d '
{
"name":"backend-service-route",
"methods":[
diff --git a/docs/en/latest/tutorials/websocket-authentication.md
b/docs/en/latest/tutorials/websocket-authentication.md
index f77d466a8..5b74891c4 100644
--- a/docs/en/latest/tutorials/websocket-authentication.md
+++ b/docs/en/latest/tutorials/websocket-authentication.md
@@ -79,9 +79,18 @@ Since the Upstream uses wss protocol, the scheme is set to
`https`. We should al
In this tutorial, we will use the
[key-auth](https://apisix.apache.org/docs/apisix/plugins/key-auth/) Plugin.
This would work similarly for other authentication methods:
+:::note
+You can fetch the `admin_key` from `config.yaml` and save it to an environment
variable with the following command:
+
+```bash
+admin_key=$(yq '.deployment.admin.admin_key[0].key' conf/config.yaml | sed
's/"//g')
+```
+
+:::
+
```shell
curl --location --request PUT 'http://127.0.0.1:9180/apisix/admin/routes/1' \
---header 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' \
+--header 'X-API-KEY: $admin_key' \
--header 'Content-Type: application/json' \
--data-raw '{
"uri": "/*",
@@ -106,7 +115,7 @@ We will now create a
[Consumer](https://apisix.apache.org/docs/apisix/terminolog
```sh
curl --location --request PUT
'http://127.0.0.1:9180/apisix/admin/consumers/jack' \
---header 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' \
+--header 'X-API-KEY: $admin_key' \
--header 'Content-Type: application/json' \
--data-raw '{
"username": "jack",
diff --git a/docs/zh/latest/FAQ.md b/docs/zh/latest/FAQ.md
index 5dcb639ea..2d58dec59 100644
--- a/docs/zh/latest/FAQ.md
+++ b/docs/zh/latest/FAQ.md
@@ -450,14 +450,14 @@ curl http://127.0.0.1:9080/ip -i
## Admin API 的 `X-API-KEY` 指的是什么?是否可以修改?
-Admin API 的 `X-API-KEY` 指的是 `./conf/config.yaml` 文件中的
`deployment.admin.admin_key.key`,默认值是 `edd1c9f034335f136f87ad84b625c8f1`。它是
Admin API 的访问 token。
+Admin API 的 `X-API-KEY` 指的是 `./conf/config.yaml` 文件中的
`deployment.admin.admin_key[0].key`。它是 Admin API 的访问 token。
-默认情况下,它被设置为 `edd1c9f034335f136f87ad84b625c8f1`,也可以通过修改 `./conf/conf/config`
中的参数来修改,如下示例:
+在默认配置中,该字段为空。APISIX 会在初始化时自动生成一个随机的 Admin API Key,并将其写回
`./conf/config.yaml`。你也可以通过修改 `./conf/config.yaml` 中的参数来显式设置该 Key,如下示例:
```yaml
deployment:
admin:
- admin_key
+ admin_key:
- name: "admin"
key: newkey
role: admin
diff --git a/docs/zh/latest/admin-api.md b/docs/zh/latest/admin-api.md
index 62ea51a1f..a57d30188 100644
--- a/docs/zh/latest/admin-api.md
+++ b/docs/zh/latest/admin-api.md
@@ -56,7 +56,7 @@ deployment:
admin:
admin_key:
- name: admin
- key: edd1c9f034335f136f87ad84b625c8f1 # 使用默认的 Admin API Key
存在安全风险,部署到生产环境时请及时更新
+ key: your-admin-key # 设置安全的 Admin API Key;如果留空,APISIX
会在初始化时自动生成并写回此文件
role: admin
allow_admin: #
http://nginx.org/en/docs/http/ngx_http_access_module.html#allow
- 127.0.0.0/24
@@ -94,7 +94,7 @@ deployment:
admin:
admin_key:
- name: admin
- key: ${{ADMIN_KEY:=edd1c9f034335f136f87ad84b625c8f1}}
+ key: ${{ADMIN_KEY:=your-admin-key}}
role: admin
allow_admin:
- 127.0.0.0/24
@@ -103,7 +103,7 @@ deployment:
port: 9180
```
-首先查找环境变量 `ADMIN_KEY`,如果该环境变量不存在,它将使用 `edd1c9f034335f136f87ad84b625c8f1` 作为默认值。
+首先查找环境变量 `ADMIN_KEY`,如果该环境变量不存在,它将使用你在配置中提供的兜底值。
您还可以在 yaml 键中指定环境变量。这在 `standalone` 模式 中特别有用,您可以在其中指定上游节点,如下所示:
@@ -1493,7 +1493,7 @@ Plugin 资源请求地址:/apisix/admin/plugins/{plugin_name}
```shell
curl "http://127.0.0.1:9180/apisix/admin/plugins/list" \
- -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'
+ -H 'X-API-KEY: your-admin-key'
```
```shell
@@ -1504,7 +1504,7 @@ Plugin 资源请求地址:/apisix/admin/plugins/{plugin_name}
```shell
curl "http://127.0.0.1:9180/apisix/admin/plugins/key-auth?subsystem=http" \
- -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'
+ -H 'X-API-KEY: your-admin-key'
```
```json
diff --git a/docs/zh/latest/certificate.md b/docs/zh/latest/certificate.md
index f85e663a8..dee938bb5 100644
--- a/docs/zh/latest/certificate.md
+++ b/docs/zh/latest/certificate.md
@@ -233,7 +233,7 @@ deployment:
admin:
admin_key
- name: admin
- key: edd1c9f034335f136f87ad84b625c8f1
+ key: your-admin-key
role: admin
admin_listen:
ip: 127.0.0.1
diff --git a/docs/zh/latest/dashboard.md b/docs/zh/latest/dashboard.md
index 18f87f95b..25b97cf8a 100644
--- a/docs/zh/latest/dashboard.md
+++ b/docs/zh/latest/dashboard.md
@@ -73,8 +73,8 @@ deployment:
-
name: admin
role: admin
- # 使用简单的 Admin API Key 存在安全风险,部署到生产环境时请及时更新
- key: edd1c9f034335f136f87ad84b625c8f1
+ # 设置安全的 Admin API Key。如果留空,APISIX 会在初始化时自动生成并写回此文件。
+ key: your-admin-key
```
也支持通过环境变量配置:
diff --git a/docs/zh/latest/plugins/authz-casdoor.md
b/docs/zh/latest/plugins/authz-casdoor.md
index e24150fd6..d09156a22 100644
--- a/docs/zh/latest/plugins/authz-casdoor.md
+++ b/docs/zh/latest/plugins/authz-casdoor.md
@@ -55,8 +55,18 @@ description: 本篇文档介绍了 Apache APISIX auth-casdoor 插件的相关信
以下示例展示了如何在指定路由上启用 `auth-casdoor` 插件:
+:::note 注意
+
+您可以这样从 `config.yaml` 中获取 `admin_key` 并存入环境变量:
+
+```bash
+admin_key=$(yq '.deployment.admin.admin_key[0].key' conf/config.yaml | sed
's/"//g')
+```
+
+:::
+
```shell
-curl "http://127.0.0.1:9180/apisix/admin/routes/1" -H "X-API-KEY:
edd1c9f034335f136f87ad84b625c8f1" -X PUT -d '
+curl "http://127.0.0.1:9180/apisix/admin/routes/1" -H "X-API-KEY: $admin_key"
-X PUT -d '
{
"methods": ["GET"],
"uri": "/anything/*",
diff --git a/docs/zh/latest/plugins/csrf.md b/docs/zh/latest/plugins/csrf.md
index 49eb4bbb1..c6ac5118d 100644
--- a/docs/zh/latest/plugins/csrf.md
+++ b/docs/zh/latest/plugins/csrf.md
@@ -65,7 +65,7 @@ curl -i http://127.0.0.1:9180/apisix/admin/routes/1 -H
"X-API-KEY: $admin_key" -
"uri": "/hello",
"plugins": {
"csrf": {
- "key": "edd1c9f034335f136f87ad84b625c8f1"
+ "key": "csrf-secret-key"
}
},
"upstream": {
diff --git a/docs/zh/latest/plugins/gm.md b/docs/zh/latest/plugins/gm.md
index 317b23b42..a49bd7673 100644
--- a/docs/zh/latest/plugins/gm.md
+++ b/docs/zh/latest/plugins/gm.md
@@ -142,7 +142,7 @@ with open(sys.argv[3]) as f:
sign_cert = f.read()
with open(sys.argv[4]) as f:
sign_key = f.read()
-api_key = "edd1c9f034335f136f87ad84b625c8f1"
+api_key = "your-admin-key"
resp = requests.put("http://127.0.0.1:9180/apisix/admin/ssls/1", json={
"cert": enc_cert,
"key": enc_key,
diff --git a/docs/zh/latest/tutorials/cache-api-responses.md
b/docs/zh/latest/tutorials/cache-api-responses.md
index c95f99e81..83347ecee 100644
--- a/docs/zh/latest/tutorials/cache-api-responses.md
+++ b/docs/zh/latest/tutorials/cache-api-responses.md
@@ -109,7 +109,7 @@ curl http://127.0.0.1:9180/apisix/admin/plugins/reload -H
"X-API-KEY: $admin_key
然后,我们运行两个 curl 命令来为 `/api/products` 端点配置 **Upstream** 和 **Route**。首先,创建一个示例
Upstream(也就是我们的 API 服务器):
```shell
-curl "http://127.0.0.1:9180/apisix/admin/upstreams/1" -H "X-API-KEY:
edd1c9f034335f136f87ad84b625c8f1" -X PUT -d '
+curl "http://127.0.0.1:9180/apisix/admin/upstreams/1" -H "X-API-KEY:
$admin_key" -X PUT -d '
{
"type": "roundrobin",
"nodes": {
@@ -121,7 +121,7 @@ curl "http://127.0.0.1:9180/apisix/admin/upstreams/1" -H
"X-API-KEY: edd1c9f0343
接下来,我们为 `/api/products` 添加一个具备缓存能力的路由,通过在 `plugins` 属性中设置 `proxy-cache` 插件,并通过
**upstream_id** 引用上游服务,将请求转发到 API 服务器:
```shell
-curl "http://127.0.0.1:9180/apisix/admin/routes/1" -H "X-API-KEY:
edd1c9f034335f136f87ad84b625c8f1" -X PUT -d '{
+curl "http://127.0.0.1:9180/apisix/admin/routes/1" -H "X-API-KEY: $admin_key"
-X PUT -d '{
"name": "Route for API Caching",
"methods": [
"GET"
diff --git a/docs/zh/latest/tutorials/client-to-apisix-mtls.md
b/docs/zh/latest/tutorials/client-to-apisix-mtls.md
index a697c6d12..aa8a7a34c 100644
--- a/docs/zh/latest/tutorials/client-to-apisix-mtls.md
+++ b/docs/zh/latest/tutorials/client-to-apisix-mtls.md
@@ -74,9 +74,19 @@ openssl pkcs12 -export -clcerts -in client.cer -inkey
client.key -out client.p12
:::
+:::note 注意
+
+你可以通过以下命令从 `config.yaml` 中获取 `admin_key` 并保存到环境变量:
+
+```bash
+admin_key=$(yq '.deployment.admin.admin_key[0].key' conf/config.yaml | sed
's/"//g')
+```
+
+:::
+
```shell
curl -X PUT 'http://127.0.0.1:9180/apisix/admin/ssls/1' \
---header 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' \
+--header 'X-API-KEY: $admin_key' \
--header 'Content-Type: application/json' \
--data-raw '{
"sni": "test.com",
@@ -99,7 +109,7 @@ curl -X PUT 'http://127.0.0.1:9180/apisix/admin/ssls/1' \
```shell
curl -X PUT 'http://127.0.0.1:9180/apisix/admin/routes/1' \
---header 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' \
+--header 'X-API-KEY: $admin_key' \
--header 'Content-Type: application/json' \
--data-raw '{
"uri": "/anything",
diff --git a/docs/zh/latest/tutorials/expose-api.md
b/docs/zh/latest/tutorials/expose-api.md
index 9561717e6..079577b79 100644
--- a/docs/zh/latest/tutorials/expose-api.md
+++ b/docs/zh/latest/tutorials/expose-api.md
@@ -59,9 +59,18 @@ APISIX 可以通过路由定义规则来匹配客户端请求,根据匹配结
创建一个包含 `httpbin.org` 的上游服务,你可以使用它进行测试。这是一个返回服务,它将返回我们在请求中传递的参数。
+:::note 注意
+你可以通过以下命令从 `config.yaml` 中获取 `admin_key` 并保存到环境变量:
+
+```bash
+admin_key=$(yq '.deployment.admin.admin_key[0].key' conf/config.yaml | sed
's/"//g')
+```
+
+:::
+
```shell
curl "http://127.0.0.1:9180/apisix/admin/upstreams/1" \
--H "X-API-KEY: edd1c9f034335f136f87ad84b625c8f1" -X PUT -d '
+-H "X-API-KEY: $admin_key" -X PUT -d '
{
"type": "roundrobin",
"nodes": {
@@ -70,7 +79,7 @@ curl "http://127.0.0.1:9180/apisix/admin/upstreams/1" \
}'
```
-在该命令中,我们指定了 Apache APISIX 的 Admin API Key 为
`edd1c9f034335f136f87ad84b625c8f1`,并且使用 `roundrobin` 作为负载均衡机制,并设置了
`httpbin.org:80` 为上游服务。为了将该上游绑定到路由,此处需要把 `upstream_id` 设置为 `1`。此处你可以在 `nodes`
下指定多个上游,以达到负载均衡的效果。
+在该命令中,我们使用保存在 `$admin_key` 中的 Apache APISIX Admin API Key,并且使用 `roundrobin`
作为负载均衡机制,并设置了 `httpbin.org:80` 为上游服务。为了将该上游绑定到路由,此处需要把 `upstream_id` 设置为
`1`。此处你可以在 `nodes` 下指定多个上游,以达到负载均衡的效果。
如需了解更多信息,请参考[上游](../terminology/upstream.md)。
@@ -78,7 +87,7 @@ curl "http://127.0.0.1:9180/apisix/admin/upstreams/1" \
```shell
curl "http://127.0.0.1:9180/apisix/admin/routes/1" \
--H "X-API-KEY: edd1c9f034335f136f87ad84b625c8f1" -X PUT -d '
+-H "X-API-KEY: $admin_key" -X PUT -d '
{
"methods": ["GET"],
"host": "example.com",
@@ -93,7 +102,7 @@ curl "http://127.0.0.1:9180/apisix/admin/routes/1" \
```shell
curl "http://127.0.0.1:9180/apisix/admin/routes/1" \
--H "X-API-KEY: edd1c9f034335f136f87ad84b625c8f1" -X PUT -d '
+-H "X-API-KEY: $admin_key" -X PUT -d '
{
"methods": ["GET"],
"host": "example.com",