Portal Authorization
In this tutorial, you will learn how to set up and grant user access to API Portals.
Before you begin¶
This tutorial assumes that you followed the tutorial about how to publish APIs from CRDs
1. User management¶
For this tutorial, you will add a new user called Kim Yeast and this user will be part of the user group support.
Head over to the user overview in the API Management UI and add the new user by selecting Add User in the top right corner.
Fill out the form, make sure to add the user to the group support and select Create
If the group does not exist, select Create new User Group and create the group.
Copy the URL shown in the pop-up into your clipboard, open the URL in a new browser tab and fill in a secure password.
Check that the user is created and is assigned to the group support
2. Portal settings¶
After you validated that the user is created and assigned to the right group, head over to the Portal overview and select your API Portal which is assigned to the APIs.
Here you can see that the user group support has access to two APIs, the flight and the ticket API.
API Portal access policies are bind to the APIAccess CRD.
Once you created a user and assigned the user to a user group, you have to appoint the user group to an API in the APIAccess CRD.
3. APIAccess¶
---
apiVersion: hub.traefik.io/v1alpha1
kind: APIAccess
metadata:
name: custom-pick
spec:
groups:
- support
apiSelector:
matchExpressions:
- key: area
operator: In
values:
- flights
- tickets
Summary¶
In this tutorial, you learned how to:
- Add user and create groups
- Add a user group to APIs (API access control)