X-Credential-Username header insertion

Kong / kong

🦍 The Cloud-Native API Gateway and AI Gateway.

Apache License 2.0

39.24k stars 4.81k forks source link

Summary

Does anybody know what is the difference between X-Consumer-Username and X-Credential-Username headers when using Key Authentication? in the previous version (0.9) X-Credential-Username is added when request goes through upstream servers but now (0.10) X-Consumer-Username is added instead of X-Credential-Username.

Steps To Reproduce

create an API with keyauth plugin
call API endpoint
request is forwarded to upstream url defined in API conf 4.X-Credential-Username header is not added. instead X-Consumer-Username is added added

Additional Details & Logs

Kong version (0.10)
Kong debug-level startup logs ($ kong start --vv)
Kong error logs (<KONG_PREFIX>/logs/error.log)
Kong configuration (registered APIs/Plugins & configuration file)
Operating System

Hi,

From https://getkong.org/plugins/key-authentication/:

When a client has been authenticated, the plugin will append some headers to the request before proxying it to the upstream API/Microservice, so that you can identify the Consumer in your code:

X-Consumer-ID, the ID of the Consumer on Kong
X-Consumer-Custom-ID, the custom_id of the Consumer (if set)
X-Consumer-Username, the username of the Consumer (if set)
X-Credential-Username, the username of the Credential (only if the consumer is not the 'anonymous' consumer)
X-Anonymous-Consumer, will be set to true when authentication failed, and the 'anonymous' consumer was set instead.

Consumer objects are defined here: https://getkong.org/docs/0.10.x/admin-api/#consumer-object. Credentials are created as part of the configuration of various authentication plugins.

Also, please do not use GitHub issues for questions like this. As noted in the boilerplate, GitHub issues are to be reserved for bug reports; usage questions and support should be directed to Gitter or the Kong mailing list. Thank you!

Kong / kong