API Key auth #34877
Comments
zhaohuabing
added
enhancement
mattklein123
added
question
|
What exactly do you want this filter to do? |
|
This issue has been automatically marked as stale because it has not had activity in the last 30 days. It will be closed in the next 7 days unless it is tagged "help wanted" or "no stalebot" or other activity occurs. Thank you for your contributions. |
github-actions
bot
added
the
stale
Hi @mattklein123 Thanks for looking into this issue and sorry for my delayed response. The API key authentication filter can be used to authorize HTTP requests using the provided API key in the request. API keys are a simple and widely used method in web services to ensure that only authorized applications and users can interact with the API. It would be beneficial if Envoy could support this feature. There are also some users asking for this feature in envoy gateway. envoyproxy/gateway#2630 |
github-actions
bot
removed
the
stale
|
This issue has been automatically marked as stale because it has not had activity in the last 30 days. It will be closed in the next 7 days unless it is tagged "help wanted" or "no stalebot" or other activity occurs. Thank you for your contributions. |
github-actions
bot
added
the
stale
|
This issue has been automatically closed because it has not had activity in the last 37 days. If this issue is still valid, please ping a maintainer and ask them to label it as "help wanted" or "no stalebot". Thank you for your contributions. |
|
Hi 👋 I can take an implementer part, would any maintainer be willing to help in reviewing etc to promote it? |
|
It is very pity that we don’t have reliable and out-of-box way to use api keys in envoy proxy. |
|
although API Key Auth is not the most secure or the most performant way to do authn & authz, its still used in existing brownfield environments and also as an additional auth mechanism like the one outlined here, so having support for it would unblock migration to envoy proxy.
|
|
Agree, that it is essential functionality. |
wbpcode
added
enhancement
|
I agree this is essential functionality. I can help with the review if someone want to contribute. |
|
Thanks @wbpcode! I'll ping you when I create the PR. |
|
/assign |
|
sanposhiho is not allowed to assign users. |
<!-- !!!ATTENTION!!! If you are fixing *any* crash or *any* potential security issue, *do not* open a pull request in this repo. Please report the issue via emailing [email protected] where the issue will be triaged appropriately. Thank you in advance for helping to keep Envoy secure. !!!ATTENTION!!! For an explanation of how to fill out the fields, please see the relevant section in [PULL_REQUESTS.md](https://github.com/envoyproxy/envoy/blob/main/PULL_REQUESTS.md) --> This PR adds the API for HTTP APIKey Auth Filter that is proposed at #34877 and envoyproxy/gateway#2630. Commit Message: api: HTTP APIKey Auth Filter Risk Level: Low (only API) Testing: WIP (will be done after we agree on the API) Docs Changes: WIP Release Notes: WIP Platform Specific Features: No Part of: #34877 --------- Signed-off-by: Kensei Nakada <[email protected]> Signed-off-by: wangbaiping(wbpcode) <[email protected]> Co-authored-by: wangbaiping(wbpcode) <[email protected]>
<!-- !!!ATTENTION!!! If you are fixing *any* crash or *any* potential security issue, *do not* open a pull request in this repo. Please report the issue via emailing [email protected] where the issue will be triaged appropriately. Thank you in advance for helping to keep Envoy secure. !!!ATTENTION!!! For an explanation of how to fill out the fields, please see the relevant section in [PULL_REQUESTS.md](https://github.com/envoyproxy/envoy/blob/main/PULL_REQUESTS.md) --> This PR adds the API for HTTP APIKey Auth Filter that is proposed at envoyproxy/envoy#34877 and envoyproxy/gateway#2630. Commit Message: api: HTTP APIKey Auth Filter Risk Level: Low (only API) Testing: WIP (will be done after we agree on the API) Docs Changes: WIP Release Notes: WIP Platform Specific Features: No Part of: #34877 --------- Signed-off-by: Kensei Nakada <[email protected]> Signed-off-by: wangbaiping(wbpcode) <[email protected]> Co-authored-by: wangbaiping(wbpcode) <[email protected]> Mirrored from https://github.com/envoyproxy/envoy @ 72b75074a0ee089ad81f68ae011e31f14c2936fe
Commit Message: auth: new api auth implementation Additional Description: To close #34877 Risk Level: low. New extension. Testing: unit, integration. Docs Changes: added. Release Notes: added. Platform Specific Features: n/a. --------- Signed-off-by: wangbaiping/wbpcode <[email protected]> Signed-off-by: wangbaiping(wbpcode) <[email protected]> Signed-off-by: code <[email protected]> Co-authored-by: Adi (Suissa) Peleg <[email protected]> Co-authored-by: yanavlasov <[email protected]>
Title: API Key auth
Description:
An HTTP filter to support API Key auth. The API key authentication filter can be used to authorize HTTP requests using the provided API key in the request. API keys are a simple and widely used method in web services to ensure that only authorized applications and users can interact with the API. It would be beneficial if Envoy could support this feature.
An API key is a token that a client provides when making API calls. The key can be sent in the query string:
or as a request header:
or as a cookie:
[optional Relevant Links:]
https://swagger.io/docs/specification/authentication/api-keys/
envoyproxy/gateway#2630
The text was updated successfully, but these errors were encountered: