Skip to content

Portal Authorization

In this tutorial, you will learn how to set up and grant user access to API Portals.

Before you begin

This tutorial assumes that you followed the tutorial about how to publish APIs from CRDs

1. User management

For this tutorial, you will add a new user called Kim Yeast and this user will be part of the user group support.

Head over to the user overview in the API Management UI and add the new user by selecting Add User in the top right corner.

Add new user

Add new user

Fill out the form, make sure to add the user to the group support and select Create

If the group does not exist, select Create new User Group and create the group.

Fill out the form

Create a new user

Copy the URL shown in the pop-up into your clipboard, open the URL in a new browser tab and fill in a secure password.

Set user password

Set user password

Check that the user is created and is assigned to the group support

Check user settings

Check user settings

2. Portal settings

After you validated that the user is created and assigned to the right group, head over to the Portal overview and select your API Portal which is assigned to the APIs.

Portal overview

Portal overview

Here you can see that the user group support has access to two APIs, the flight and the ticket API.

API access control overview

API access control overview

API Portal access policies are bind to the APIAccess CRD.

Once you created a user and assigned the user to a user group, you have to appoint the user group to an API in the APIAccess CRD.

3. APIAccess

---
apiVersion: hub.traefik.io/v1alpha1
kind: APIAccess
metadata:
  name: custom-pick
spec:
  groups:
    - support
  apiSelector:
    matchExpressions:
      - key: area
        operator: In
        values:
          - flights
          - tickets

Summary

In this tutorial, you learned how to:

  • Add user and create groups
  • Add a user group to APIs (API access control)

What's next