kong-dashboard
Version:
Web UI for managing Kong gateway
1,077 lines (1,076 loc) • 136 kB
JavaScript
var semver = require('semver');
var schemas = {
'0.9': {
api: {
description: "The API object describes an API that's being exposed by Kong. Kong needs to know how to retrieve the API when a consumer is calling it from the Proxy port. Each API object must specify some combination of hosts, uris, and methods. Kong will proxy all requests to the API to the specified upstream URL.",
documentation: 'https://getkong.org/docs/0.9.x/admin-api/#add-api',
properties: {
name: {
required: false,
type: 'string',
description: 'The API name. If none is specified, will default to the request_host or request_path.'
},
request_host: {
required: false,
type: 'string',
description: "The public DNS address that points to your API. For example, mockbin.com. At least request_host or request_path or both should be specified."
},
request_path: {
required: false,
type: 'string',
description: "The public path that points to your API. For example, /someservice. At least request_host or request_path or both should be specified."
},
upstream_url: {
required: true,
type: 'string',
description: "The base target URL that points to your API server, this URL will be used for proxying requests. For example, https://mockbin.com."
},
strip_request_path: {
required: false,
type: 'boolean',
'default': false,
description: "Strip the request_path value before proxying the request to the final API. For example a request made to /someservice/hello will be resolved to upstream_url/hello. By default is false."
},
preserve_host: {
required: false,
type: 'boolean',
'default': false,
description: "Preserves the original Host header sent by the client, instead of replacing it with the hostname of the upstream_url. By default is false."
}
}
},
'auth-key': {
description: "Add Key Authentication (also sometimes referred to as an API key) to an API. Consumers then add their key either in a querystring parameter or a header to authenticate their requests.",
documentation: 'https://docs.konghq.com/plugins/key-authentication',
properties: {
consumer_id: {
type: 'string',
description: 'Consumer this key belongs to.',
},
key: {
type: 'string',
description: 'The key. Will be auto-generated by Kong if left empty.'
}
}
},
'basic-auth-credential': {
description: "Add Basic Authentication to an API with username and password protection. The plugin will check for valid credentials in the Proxy-Authorization and Authorization header (in this order).",
documentation: 'https://docs.konghq.com/plugins/basic-authentication',
properties: {
username: {
type: 'string',
description: 'The username to use in the Basic Authentication.',
},
password: {
type: 'string',
description: 'The password to use in the Basic Authentication.'
}
}
},
consumer: {
description: "The Consumer object represents a consumer - or a user - of an API. You can either rely on Kong as the primary datastore, or you can map the consumer list with your database to keep consistency between Kong and your existing primary datastore.",
documentation: 'https://getkong.org/docs/0.9.x/admin-api/#create-consumer',
properties: {
username: {
required: false,
type: 'string',
description: 'The username of the consumer. You must send either this field or custom_id with the request.'
},
custom_id: {
required: false,
type: 'string',
description: 'Field for storing an existing ID for the consumer, useful for mapping Kong with users in your existing database. You must send either this field or username with the request.'
}
}
},
'hmac-credential': {
description: 'Add HMAC Signature authentication to a Service or a Route (or the deprecated API entity) to establish the integrity of incoming requests.',
documentation: 'https://docs.konghq.com/plugins/hmac-authentication',
properties: {
username: {
type: 'string',
required: true,
description: 'The username to use in the HMAC Signature verification.'
},
secret: {
type: 'string',
description: "The secret to use in the HMAC Signature verification. Note that if this parameter isn't provided, Kong will generate a value for you and send it as part of the response body.",
}
}
},
'jwt-credential': {
description: 'Consumer must have JWT credentials to sign their JSON web tokens.',
documentation: 'https://docs.konghq.com/plugins/jwt',
properties: {
key: {
type: 'string',
description: 'A unique string identifying the credential. If left out, it will be auto-generated.',
},
algorithm: {
type: 'string',
description: 'The algorithm used to verify the token\'s signature.',
enum: ['HS256', 'RS256', 'ES256'],
default: 'HS256',
},
rsa_public_key: {
type: 'string',
description: 'If algorithm is RS256 or ES256, the public key (in PEM format) to use to verify the token\'s signature.',
},
secret: {
type: 'string',
description: 'If algorithm is HS256 or ES256, the secret used to sign JWTs for this credential. If left out, will be auto-generated.',
}
}
},
'oauth2-credential': {
description: "In order for a Consumer to use the oauth2 plugin, this Consumer must have an oauth2 application (aka oauth2 credentials).",
documentation: "https://docs.konghq.com/plugins/oauth2-authentication",
properties: {
name: {
type: 'string',
description: "The name to associate to the credential. In OAuth 2.0 this would be the application name.",
},
client_id: {
type: 'string',
description: "You can optionally set your own unique client_id. If missing, the plugin will generate one.",
},
client_secret: {
type: 'string',
description: "You can optionally set your own unique client_secret. If missing, the plugin will generate one.",
},
redirect_uri: {
type: 'string',
description: "The URL in your app where users will be sent after authorization (RFC 6742 Section 3.1.2).",
}
}
},
},
'0.10': {
api: {
description: "The API object describes an API that's being exposed by Kong. Kong needs to know how to retrieve the API when a consumer is calling it from the Proxy port. Each API object must specify some combination of hosts, uris, and methods. Kong will proxy all requests to the API to the specified upstream URL.",
documentation: 'https://getkong.org/docs/0.10.x/admin-api/#add-api',
properties: {
name: {
required: true,
type: 'string',
description: 'The API name.'
},
hosts: {
required: false,
type: 'array',
items: {
type: 'string'
},
description: "A comma-separated list of domain names that point to your API. For example: example.com. At least one of hosts, uris, or methods should be specified."
},
uris: {
required: false,
type: 'array',
items: {
type: 'string'
},
description: "A comma-separated list of URIs prefixes that point to your API. For example: /my-path. At least one of hosts, uris, or methods should be specified."
},
methods: {
required: false,
type: 'array',
items: {
type: 'string',
'enum': ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'OPTIONS', 'HEAD']
},
description: "A comma-separated list of HTTP methods that point to your API. For example: GET,POST. At least one of hosts, uris, or methods should be specified."
},
upstream_url: {
required: true,
type: 'url',
description: "The base target URL that points to your API server. This URL will be used for proxying requests. For example: https://example.com."
},
strip_uri: {
required: false,
type: 'boolean',
'default': true,
description: "When matching an API via one of the uris prefixes, strip that matching prefix from the upstream URI to be requested. Default: true."
},
preserve_host: {
required: false,
type: 'boolean',
'default': false,
description: "When matching an API via one of the hosts domain names, make sure the request Host header is forwarded to the upstream service. By default, this is false, and the upstream Host header will be extracted from the configured upstream_url."
},
retries: {
required: false,
type: 'number',
'default': 5,
description: 'The number of retries to execute upon failure to proxy. The default is 5.'
},
upstream_connect_timeout: {
required: false,
type: 'number',
'default': 60000,
description: 'The timeout in milliseconds for establishing a connection to your upstream service. Defaults to 60000.'
},
upstream_send_timeout: {
required: false,
type: 'number',
'default': 60000,
description: 'The timeout in milliseconds between two successive write operations for transmitting a request to your upstream service Defaults to 60000.'
},
upstream_read_timeout: {
required: false,
type: 'number',
'default': 60000,
description: 'The timeout in milliseconds between two successive read operations for transmitting a request to your upstream service Defaults to 60000.'
},
https_only: {
required: false,
type: 'boolean',
'default': false,
description: 'To be enabled if you wish to only serve an API through HTTPS, on the appropriate port (8443 by default). Default: false.'
},
http_if_terminated: {
required: false,
type: 'boolean',
'default': true,
description: 'Consider the X-Forwarded-Proto header when enforcing HTTPS only traffic. Default: true.'
}
}
},
'auth-key': {
description: "Add Key Authentication (also sometimes referred to as an API key) to an API. Consumers then add their key either in a querystring parameter or a header to authenticate their requests.",
documentation: 'https://docs.konghq.com/plugins/key-authentication',
properties: {
consumer_id: {
type: 'string',
description: 'Consumer this key belongs to.',
},
key: {
type: 'string',
description: 'The key. Will be auto-generated by Kong if left empty.'
}
}
},
'basic-auth-credential': {
description: "Add Basic Authentication to an API with username and password protection. The plugin will check for valid credentials in the Proxy-Authorization and Authorization header (in this order).",
documentation: 'https://docs.konghq.com/plugins/basic-authentication',
properties: {
username: {
type: 'string',
description: 'The username to use in the Basic Authentication.',
},
password: {
type: 'string',
description: 'The password to use in the Basic Authentication.'
}
}
},
certificate: {
description: "A certificate object represents a public certificate/private key pair for an SSL certificate. These objects are used by Kong to handle SSL/TLS termination for encrypted requests. Certificates are optionally associated with SNI objects to tie a cert/key pair to one or more hostnames.",
documentation: 'https://docs.konghq.com/0.10.x/admin-api/#certificate-object',
properties: {
cert: {
required: true,
type: 'string',
description: 'PEM-encoded public certificate of the SSL key pair.'
},
key: {
required: true,
type: 'string',
description: 'PEM-encoded private key of the SSL key pair.'
},
snis: {
required: false,
type: 'string',
description: 'One or more hostnames to associate with this certificate as an SNI.'
}
}
},
consumer: {
description: "The Consumer object represents a consumer - or a user - of an API. You can either rely on Kong as the primary datastore, or you can map the consumer list with your database to keep consistency between Kong and your existing primary datastore.",
documentation: 'https://getkong.org/docs/0.10.x/admin-api/#create-consumer',
properties: {
username: {
required: false,
type: 'string',
description: 'The unique username of the consumer. You must send either this field or custom_id with the request.'
},
custom_id: {
required: false,
type: 'string',
description: 'Field for storing an existing unique ID for the consumer - useful for mapping Kong with users in your existing database. You must send either this field or username with the request.'
}
}
},
'hmac-credential': {
description: 'Add HMAC Signature authentication to a Service or a Route (or the deprecated API entity) to establish the integrity of incoming requests.',
documentation: 'https://docs.konghq.com/plugins/hmac-authentication',
properties: {
username: {
type: 'string',
required: true,
description: 'The username to use in the HMAC Signature verification.'
},
secret: {
type: 'string',
description: "The secret to use in the HMAC Signature verification. Note that if this parameter isn't provided, Kong will generate a value for you and send it as part of the response body.",
}
}
},
'jwt-credential': {
description: 'Consumer must have JWT credentials to sign their JSON web tokens.',
documentation: 'https://docs.konghq.com/plugins/jwt',
properties: {
key: {
type: 'string',
description: 'A unique string identifying the credential. If left out, it will be auto-generated.',
},
algorithm: {
type: 'string',
description: 'The algorithm used to verify the token\'s signature.',
enum: ['HS256', 'RS256', 'ES256'],
default: 'HS256',
},
rsa_public_key: {
type: 'string',
description: 'If algorithm is RS256 or ES256, the public key (in PEM format) to use to verify the token\'s signature.',
},
secret: {
type: 'string',
description: 'If algorithm is HS256 or ES256, the secret used to sign JWTs for this credential. If left out, will be auto-generated.',
}
}
},
'oauth2-credential': {
description: "In order for a Consumer to use the oauth2 plugin, this Consumer must have an oauth2 application (aka oauth2 credentials).",
documentation: "https://docs.konghq.com/plugins/oauth2-authentication",
properties: {
name: {
type: 'string',
description: "The name to associate to the credential. In OAuth 2.0 this would be the application name.",
},
client_id: {
type: 'string',
description: "You can optionally set your own unique client_id. If missing, the plugin will generate one.",
},
client_secret: {
type: 'string',
description: "You can optionally set your own unique client_secret. If missing, the plugin will generate one.",
},
redirect_uri: {
type: 'string',
description: "The URL in your app where users will be sent after authorization (RFC 6742 Section 3.1.2).",
}
}
},
target: {
description: "A target is an ip address/hostname with a port that identifies an instance of a backend service. Every upstream can have many targets, and the targets can be dynamically added. Changes are effectuated on the fly.",
documentation: 'https://docs.konghq.com/0.10.x/admin-api/#target-object',
properties: {
target: {
type: 'string',
description: "The target address (ip or hostname) and port. If omitted the port defaults to 8000. If the hostname resolves to an SRV record, the port value will overridden by the value from the dns record.",
},
weight: {
type: 'number',
description: "The weight this target gets within the upstream loadbalancer (0-1000, defaults to 100). If the hostname resolves to an SRV record, the weight value will overridden by the value from the dns record.",
}
},
},
upstream: {
description: "The upstream object represents a virtual hostname and can be used to loadbalance incoming requests over multiple services (targets). So for example an upstream named service.v1.xyz for a Service object whose host is service.v1.xyz. Requests for this Service would be proxied to the targets defined within the upstream.",
documentation: 'https://docs.konghq.com/0.10.x/admin-api/#upstream-objects',
properties: {
name: {
required: true,
type: 'string',
description: 'This is a hostname, which must be equal to the host of a Service.'
},
slots: {
required: false,
type: 'number',
description: 'The number of slots in the loadbalancer algorithm (10-65536, defaults to 1000).'
},
orderlist: {
type: 'array',
items: {
type: 'number',
},
description: 'A list of sequential, but randomly ordered, integer numbers that determine the distribution of the slots in the balancer. If omitted it will be generated. If given, it must have exactly slots number of entries.',
}
}
}
},
'0.11': {
api: {
description: "The API object describes an API that's being exposed by Kong. Kong needs to know how to retrieve the API when a consumer is calling it from the Proxy port. Each API object must specify some combination of hosts, uris, and methods. Kong will proxy all requests to the API to the specified upstream URL.",
documentation: 'https://getkong.org/docs/0.11.x/admin-api/#add-api',
properties: {
name: {
required: true,
type: 'string',
description: 'The API name.'
},
hosts: {
required: false,
type: 'array',
items: {
type: 'string'
},
description: "A comma-separated list of domain names that point to your API. For example: example.com. At least one of hosts, uris, or methods should be specified."
},
uris: {
required: false,
type: 'array',
items: {
type: 'string'
},
description: "A comma-separated list of URIs prefixes that point to your API. For example: /my-path. At least one of hosts, uris, or methods should be specified."
},
methods: {
required: false,
type: 'array',
items: {
type: 'string',
'enum': ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'OPTIONS', 'HEAD']
},
description: "List of HTTP methods that point to your API. For example: GET,POST. At least one of hosts, uris, or methods should be specified."
},
upstream_url: {
required: true,
type: 'url',
description: "The base target URL that points to your API server. This URL will be used for proxying requests. For example: https://example.com."
},
strip_uri: {
required: false,
type: 'boolean',
'default': true,
description: "When matching an API via one of the uris prefixes, strip that matching prefix from the upstream URI to be requested. Default: true."
},
preserve_host: {
required: false,
type: 'boolean',
'default': false,
description: "When matching an API via one of the hosts domain names, make sure the request Host header is forwarded to the upstream service. By default, this is false, and the upstream Host header will be extracted from the configured upstream_url."
},
retries: {
required: false,
type: 'number',
'default': 5,
description: 'The number of retries to execute upon failure to proxy. The default is 5.'
},
upstream_connect_timeout: {
required: false,
type: 'number',
'default': 60000,
description: 'The timeout in milliseconds for establishing a connection to your upstream service. Defaults to 60000.'
},
upstream_send_timeout: {
required: false,
type: 'number',
'default': 60000,
description: 'The timeout in milliseconds between two successive write operations for transmitting a request to your upstream service Defaults to 60000.'
},
upstream_read_timeout: {
required: false,
type: 'number',
'default': 60000,
description: 'The timeout in milliseconds between two successive read operations for transmitting a request to your upstream service Defaults to 60000.'
},
https_only: {
required: false,
type: 'boolean',
'default': false,
description: 'To be enabled if you wish to only serve an API through HTTPS, on the appropriate port (8443 by default). Default: false.'
},
http_if_terminated: {
required: false,
type: 'boolean',
'default': true,
description: 'Consider the X-Forwarded-Proto header when enforcing HTTPS only traffic. Default: true.'
}
}
},
'auth-key': {
description: "Add Key Authentication (also sometimes referred to as an API key) to an API. Consumers then add their key either in a querystring parameter or a header to authenticate their requests.",
documentation: 'https://docs.konghq.com/plugins/key-authentication',
properties: {
consumer_id: {
type: 'string',
description: 'Consumer this key belongs to.',
},
key: {
type: 'string',
description: 'The key. Will be auto-generated by Kong if left empty.'
}
}
},
'basic-auth-credential': {
description: "Add Basic Authentication to an API with username and password protection. The plugin will check for valid credentials in the Proxy-Authorization and Authorization header (in this order).",
documentation: 'https://docs.konghq.com/plugins/basic-authentication',
properties: {
username: {
type: 'string',
description: 'The username to use in the Basic Authentication.',
},
password: {
type: 'string',
description: 'The password to use in the Basic Authentication.'
}
}
},
certificate: {
description: "A certificate object represents a public certificate/private key pair for an SSL certificate. These objects are used by Kong to handle SSL/TLS termination for encrypted requests. Certificates are optionally associated with SNI objects to tie a cert/key pair to one or more hostnames.",
documentation: 'https://docs.konghq.com/0.11.x/admin-api/#certificate-object',
properties: {
cert: {
required: true,
type: 'string',
description: 'PEM-encoded public certificate of the SSL key pair.'
},
key: {
required: true,
type: 'string',
description: 'PEM-encoded private key of the SSL key pair.'
},
snis: {
required: false,
type: 'string',
description: 'One or more hostnames to associate with this certificate as an SNI.'
}
}
},
consumer: {
description: "The Consumer object represents a consumer - or a user - of an API. You can either rely on Kong as the primary datastore, or you can map the consumer list with your database to keep consistency between Kong and your existing primary datastore.",
documentation: 'https://getkong.org/docs/0.11.x/admin-api/#create-consumer',
properties: {
username: {
required: false,
type: 'string',
description: 'The unique username of the consumer. You must send either this field or custom_id with the request.'
},
custom_id: {
required: false,
type: 'string',
description: 'Field for storing an existing unique ID for the consumer - useful for mapping Kong with users in your existing database. You must send either this field or username with the request.'
}
}
},
'hmac-credential': {
description: 'Add HMAC Signature authentication to a Service or a Route (or the deprecated API entity) to establish the integrity of incoming requests.',
documentation: 'https://docs.konghq.com/plugins/hmac-authentication',
properties: {
username: {
type: 'string',
required: true,
description: 'The username to use in the HMAC Signature verification.'
},
secret: {
type: 'string',
description: "The secret to use in the HMAC Signature verification. Note that if this parameter isn't provided, Kong will generate a value for you and send it as part of the response body.",
}
}
},
'jwt-credential': {
description: 'Consumer must have JWT credentials to sign their JSON web tokens.',
documentation: 'https://docs.konghq.com/plugins/jwt',
properties: {
key: {
type: 'string',
description: 'A unique string identifying the credential. If left out, it will be auto-generated.',
},
algorithm: {
type: 'string',
description: 'The algorithm used to verify the token\'s signature.',
enum: ['HS256', 'RS256', 'ES256'],
default: 'HS256',
},
rsa_public_key: {
type: 'string',
description: 'If algorithm is RS256 or ES256, the public key (in PEM format) to use to verify the token\'s signature.',
},
secret: {
type: 'string',
description: 'If algorithm is HS256 or ES256, the secret used to sign JWTs for this credential. If left out, will be auto-generated.',
}
}
},
'oauth2-credential': {
description: "In order for a Consumer to use the oauth2 plugin, this Consumer must have an oauth2 application (aka oauth2 credentials).",
documentation: "https://docs.konghq.com/plugins/oauth2-authentication",
properties: {
name: {
type: 'string',
description: "The name to associate to the credential. In OAuth 2.0 this would be the application name.",
},
client_id: {
type: 'string',
description: "You can optionally set your own unique client_id. If missing, the plugin will generate one.",
},
client_secret: {
type: 'string',
description: "You can optionally set your own unique client_secret. If missing, the plugin will generate one.",
},
redirect_uri: {
type: 'string',
description: "The URL in your app where users will be sent after authorization (RFC 6742 Section 3.1.2).",
}
}
},
target: {
description: "A target is an ip address/hostname with a port that identifies an instance of a backend service. Every upstream can have many targets, and the targets can be dynamically added. Changes are effectuated on the fly.",
documentation: 'https://docs.konghq.com/0.11.x/admin-api/#target-object',
properties: {
target: {
type: 'string',
description: "The target address (ip or hostname) and port. If omitted the port defaults to 8000. If the hostname resolves to an SRV record, the port value will overridden by the value from the dns record.",
},
weight: {
type: 'number',
description: "The weight this target gets within the upstream loadbalancer (0-1000, defaults to 100). If the hostname resolves to an SRV record, the weight value will overridden by the value from the dns record.",
}
},
},
upstream: {
description: "The upstream object represents a virtual hostname and can be used to loadbalance incoming requests over multiple services (targets). So for example an upstream named service.v1.xyz for a Service object whose host is service.v1.xyz. Requests for this Service would be proxied to the targets defined within the upstream.",
documentation: 'https://docs.konghq.com/0.11.x/admin-api/#upstream-objects',
properties: {
name: {
required: true,
type: 'string',
description: 'This is a hostname, which must be equal to the host of a Service.'
},
slots: {
required: false,
type: 'number',
description: 'The number of slots in the loadbalancer algorithm (10-65536, defaults to 1000).'
},
orderlist: {
type: 'array',
items: {
type: 'number',
},
description: 'A list of sequential, but randomly ordered, integer numbers that determine the distribution of the slots in the balancer. If omitted it will be generated. If given, it must have exactly slots number of entries.',
}
}
}
},
'0.12': {
api: {
description: "The API object describes an API that's being exposed by Kong. Kong needs to know how to retrieve the API when a consumer is calling it from the Proxy port. Each API object must specify some combination of hosts, uris, and methods. Kong will proxy all requests to the API to the specified upstream URL.",
documentation: 'https://getkong.org/docs/0.12.x/admin-api/#add-api',
properties: {
name: {
required: true,
type: 'string',
description: 'The API name.'
},
hosts: {
required: false,
type: 'array',
items: {
type: 'string'
},
description: "A comma-separated list of domain names that point to your API. For example: example.com. At least one of hosts, uris, or methods should be specified."
},
uris: {
required: false,
type: 'array',
items: {
type: 'string'
},
description: "A comma-separated list of URIs prefixes that point to your API. For example: /my-path. At least one of hosts, uris, or methods should be specified."
},
methods: {
required: false,
type: 'array',
items: {
type: 'string',
'enum': ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'OPTIONS', 'HEAD']
},
description: "List of HTTP methods that point to your API. For example: GET,POST. At least one of hosts, uris, or methods should be specified."
},
upstream_url: {
required: true,
type: 'url',
description: "The base target URL that points to your API server. This URL will be used for proxying requests. For example: https://example.com."
},
strip_uri: {
required: false,
type: 'boolean',
'default': true,
description: "When matching an API via one of the uris prefixes, strip that matching prefix from the upstream URI to be requested. Default: true."
},
preserve_host: {
required: false,
type: 'boolean',
'default': false,
description: "When matching an API via one of the hosts domain names, make sure the request Host header is forwarded to the upstream service. By default, this is false, and the upstream Host header will be extracted from the configured upstream_url."
},
retries: {
required: false,
type: 'number',
'default': 5,
description: 'The number of retries to execute upon failure to proxy. The default is 5.'
},
upstream_connect_timeout: {
required: false,
type: 'number',
'default': 60000,
description: 'The timeout in milliseconds for establishing a connection to your upstream service. Defaults to 60000.'
},
upstream_send_timeout: {
required: false,
type: 'number',
'default': 60000,
description: 'The timeout in milliseconds between two successive write operations for transmitting a request to your upstream service Defaults to 60000.'
},
upstream_read_timeout: {
required: false,
type: 'number',
'default': 60000,
description: 'The timeout in milliseconds between two successive read operations for transmitting a request to your upstream service Defaults to 60000.'
},
https_only: {
required: false,
type: 'boolean',
'default': false,
description: 'To be enabled if you wish to only serve an API through HTTPS, on the appropriate port (8443 by default). Default: false.'
},
http_if_terminated: {
required: false,
type: 'boolean',
'default': true,
description: 'Consider the X-Forwarded-Proto header when enforcing HTTPS only traffic. Default: true.'
}
}
},
'auth-key': {
description: "Add Key Authentication (also sometimes referred to as an API key) to an API. Consumers then add their key either in a querystring parameter or a header to authenticate their requests.",
documentation: 'https://docs.konghq.com/plugins/key-authentication',
properties: {
consumer_id: {
type: 'string',
description: 'Consumer this key belongs to.',
},
key: {
type: 'string',
description: 'The key. Will be auto-generated by Kong if left empty.'
}
}
},
'basic-auth-credential': {
description: "Add Basic Authentication to an API with username and password protection. The plugin will check for valid credentials in the Proxy-Authorization and Authorization header (in this order).",
documentation: 'https://docs.konghq.com/plugins/basic-authentication',
properties: {
username: {
type: 'string',
description: 'The username to use in the Basic Authentication.',
},
password: {
type: 'string',
description: 'The password to use in the Basic Authentication.'
}
}
},
certificate: {
description: "A certificate object represents a public certificate/private key pair for an SSL certificate. These objects are used by Kong to handle SSL/TLS termination for encrypted requests. Certificates are optionally associated with SNI objects to tie a cert/key pair to one or more hostnames.",
documentation: 'https://docs.konghq.com/0.12.x/admin-api/#certificate-object',
properties: {
cert: {
required: true,
type: 'string',
description: 'PEM-encoded public certificate of the SSL key pair.'
},
key: {
required: true,
type: 'string',
description: 'PEM-encoded private key of the SSL key pair.'
},
snis: {
required: false,
type: 'string',
description: 'One or more hostnames to associate with this certificate as an SNI.'
}
}
},
consumer: {
description: "The Consumer object represents a consumer - or a user - of an API. You can either rely on Kong as the primary datastore, or you can map the consumer list with your database to keep consistency between Kong and your existing primary datastore.",
documentation: 'https://getkong.org/docs/0.12.x/admin-api/#create-consumer',
properties: {
username: {
required: false,
type: 'string',
description: 'The unique username of the consumer. You must send either this field or custom_id with the request.'
},
custom_id: {
required: false,
type: 'string',
description: 'Field for storing an existing unique ID for the consumer - useful for mapping Kong with users in your existing database. You must send either this field or username with the request.'
}
}
},
'hmac-credential': {
description: 'Add HMAC Signature authentication to a Service or a Route (or the deprecated API entity) to establish the integrity of incoming requests.',
documentation: 'https://docs.konghq.com/plugins/hmac-authentication',
properties: {
username: {
type: 'string',
required: true,
description: 'The username to use in the HMAC Signature verification.'
},
secret: {
type: 'string',
description: "The secret to use in the HMAC Signature verification. Note that if this parameter isn't provided, Kong will generate a value for you and send it as part of the response body.",
}
}
},
'jwt-credential': {
description: 'Consumer must have JWT credentials to sign their JSON web tokens.',
documentation: 'https://docs.konghq.com/plugins/jwt',
properties: {
key: {
type: 'string',
description: 'A unique string identifying the credential. If left out, it will be auto-generated.',
},
algorithm: {
type: 'string',
description: 'The algorithm used to verify the token\'s signature.',
enum: ['HS256', 'RS256', 'ES256'],
default: 'HS256',
},
rsa_public_key: {
type: 'string',
description: 'If algorithm is RS256 or ES256, the public key (in PEM format) to use to verify the token\'s signature.',
},
secret: {
type: 'string',
description: 'If algorithm is HS256 or ES256, the secret used to sign JWTs for this credential. If left out, will be auto-generated.',
}
}
},
'oauth2-credential': {
description: "In order for a Consumer to use the oauth2 plugin, this Consumer must have an oauth2 application (aka oauth2 credentials).",
documentation: "https://docs.konghq.com/plugins/oauth2-authentication",
properties: {
name: {
type: 'string',
description: "The name to associate to the credential. In OAuth 2.0 this would be the application name.",
},
client_id: {
type: 'string',
description: "You can optionally set your own unique client_id. If missing, the plugin will generate one.",
},
client_secret: {
type: 'string',
description: "You can optionally set your own unique client_secret. If missing, the plugin will generate one.",
},
redirect_uri: {
type: 'string',
description: "The URL in your app where users will be sent after authorization (RFC 6742 Section 3.1.2).",
}
}
},
target: {
description: "A target is an ip address/hostname with a port that identifies an instance of a backend service. Every upstream can have many targets, and the targets can be dynamically added. Changes are effectuated on the fly.",
documentation: 'https://docs.konghq.com/0.12.x/admin-api/#target-object',
properties: {
target: {
type: 'string',
description: "The target address (ip or hostname) and port. If omitted the port defaults to 8000. If the hostname resolves to an SRV record, the port value will overridden by the value from the dns record.",
},
weight: {
type: 'number',
description: "The weight this target gets within the upstream loadbalancer (0-1000, defaults to 100). If the hostname resolves to an SRV record, the weight value will overridden by the value from the dns record.",
}
},
},
upstream: {
description: "The upstream object represents a virtual hostname and can be used to loadbalance incoming requests over multiple services (targets). So for example an upstream named service.v1.xyz for a Service object whose host is service.v1.xyz. Requests for this Service would be proxied to the targets defined within the upstream.",
documentation: 'https://docs.konghq.com/0.12.x/admin-api/#upstream-objects',
properties: {
name: {
required: true,
type: 'string',
description: 'This is a hostname, which must be equal to the host of a Service.'
},
slots: {
required: false,
type: 'number',
description: 'The number of slots in the loadbalancer algorithm (10-65536, defaults to 1000).'
},
hash_on: {
required: false,
type: 'string',
enum: ['none', 'consumer', 'ip', 'header'],
description: 'What to use as hashing input: none, consumer, ip, or header (defaults to none resulting in a weighted-round-robin scheme).'
},
hash_fallback: {
required: false,
type: 'string',
enum: ['none', 'consumer', 'ip', 'header'],
description: 'What to use as hashing input if the primary hash_on does not return a hash (eg. header is missing, or no consumer identified): none, consumer, ip, or header (defaults to none).'
},
hash_on_header: {
required: false,
type: 'string',
description: 'The header name to take the value from as hash input (only required when hash_on is set to header).'
},
hash_fallback_header: {
required: false,
type: 'string',
description: 'The header name to take the value from as hash input (only required when hash_fallback is set to header).'
},
healthchecks: {
required: false,
type: 'object',
properties: {
active: {
required: false,
type: 'object',
properties: {
timeout: {
type: 'number',
description: 'Socket timeout for active health checks (in seconds).'
},
concurrency : {
type: 'number',
description: 'Number of targets to check concurrently in active health checks.'
},
http_path : {
type: 'string',
description: 'Path to use in GET HTTP request to run as a probe on active health checks.'
},
healthy: {
type: 'object',
properties: {
interval: {
type: 'number',
description: 'Interval between active health checks for healthy targets (in seconds). A value of zero indicates that active probes for healthy targets should not be performed.'
},
http_statuses: {
type: 'array',
items: {
type: 'number'
},
description: 'An array of HTTP statuses to consider a success, indicating healthiness, when returned by a probe in active health checks.'
},
successes: {
type: 'number',
description: 'Number of successes in active probes (as defined by healthchecks.active.healthy.http_statuses) to consider a target healthy.'
},
}
},
unhealthy: {
type: 'object',
properties: {
interval: {
type: 'number',
description: 'Interval between active health checks for unhealthy targets (in seconds). A value of zero indicates that active probes for unhealthy targets should not be performed.'
},
http_statuses: {
type: 'array',
items: {
type: 'number'
},
description: 'An array of HTTP statuses to consider a failure, indicating unhealthiness, when returned by a probe in active health checks.'
},
tcp_failures: {
type: 'number',
description: 'Number of TCP failures in active probes to consider a target unhealthy.',
},
timeouts: {
type: 'number',
description: 'Number of timeouts in active probes to consider a target unhealthy.',
},
http_failures: {
type: 'number',
description: 'Number of HTTP failures in active probes (as defined by healthchecks.active.unhealthy.http_statuses) to consider a target unhealthy.',
},
}
}
}
},
passive: {
required: false,
type: 'object',
properties: {
healthy: {
type: 'object',
properties: {
http_statuses: {
type: 'array',
items: {
type: 'number'
},
description: 'An array of HTTP statuses which represent unhealthiness when produced by proxied traffic, as observed by passive health checks.'
},
successes: {
type: 'number',
description: 'Number of successes in proxied traffic (as defined by healthchecks.passive.healthy.http_statuses) to consider a target healthy, as observed by passive health checks.'
},
}
},
unhealthy: {
type: 'object',
properties: {
http_statuses: {
type: 'array',
items: {
type: 'number'
},
description: 'An array of HTTP statuses which represent unhealthiness when produced by proxied traffic, as observed by passive health checks.'
},
tcp_failures: {
type: 'number',
description: 'Number of TCP failures in proxied traffic to consider a target unhealthy, as observed by passive health checks.',
},
timeouts: {
type: 'number',
description: 'Number of timeouts in proxied traffic to consider a target unhealthy, as observed by passive health checks.',
},
http_failures: {
type: 'number',
description: 'Number of HTTP failures in proxied traffic (as defined by healthchecks.passive.unhealthy.http_statuses) to consider a target unhealthy, as observed by passive health checks.',
},
}
}
}
},
}
}
}
}
},
'0.13': {
acl: {
description: "Restrict access to a Service or a Route (or the deprecated API entity) by whitelisting or blacklisting consumers using arbitrary ACL group names. This plugin requires an [authentication plugin][faq-authentication] to have been already enabled on the Service or the Route (or API).",
documentation: 'https://docs.konghq.com/plugins/acl',
properties: {
group: {
type: 'string',
required: true,
description: 'The arbitrary group name to associate to the consumer.',
},
},
},
api: {
description: "The API object describes an API that's being exposed by Kong. Kong needs to know how to retrieve the API when a consumer is calling it from the Proxy port. Each API object must specify some combination of hosts, uris, and methods. Kong will proxy all requests to the API to the specified upstream URL.",
documentation: 'https://getkong.org/docs/0.13.x/admin-api/#add-api',
properties: {
name: {
required: true,
type: 'string',
description: 'The API name.'
},
hosts: {
required: false,
type: 'array',
items: {
type: 'string'
},
description: "A comma-separated list of domain names that point to your API. For example: example.com. At least one of hosts, uris, or methods should be specified."
},
uris: {
required: false,
type: 'array',
items: {
type: