How to call API after implementing ACL plugin

Hello there,

I have created 3 consumers abc, xyz, pqr .
Later i have implemented key-auth plugin on all 3 users.
Now, i have implemented ACL plugin where i have whitelisted abc and xyz.
curl -i -X GET http://localhost:8000?apikey=abc123 --header ‘HOST:

still i am getting response like
{“message”:“You cannot consume this service”}

Am i doing something wrong, please can anyone help me .

So you add ACL to the proxy(api or route or service) itself, with an arbitrary whilelist group name, lets say you call it my-key-auth-api, next you also need to add that my-key-auth-api whitelist to EACH consumer abc,xyz,pqr as well. From reading what you have thus far it sounds like you either added the acl to the api or did not add the acl whitelist group directly to your consumers yet. Make sense?

When asking for assistance @c1ph3r (and anyone reading this :slight_smile: ) it greatly helps if you can provide your Kong configuration by using and pasting the output into a preformatted text block here in your Kong Nation posts.

Hey @Cooper will surely provide configuration of kong next time i post any issues , sorry for this time.
@jeremyjpj0916 I have solved my problem , thanks for replying .

1 Like