Open mdan1eli opened 8 years ago
Sorry, I hadn't seen this. We can definitely investigate this idea. We are using a self-hosted instance so I will need to find a way to test this.
The idea is to have admin api protected with Kong itself, therefore available on HTTPS and protected with an authentication and ACL plugin.
Allow overloading of Kong client with an API Key and request path to manage admin api secured by Kong itself.