key-auth Can apikey be bound to the service

For now, the value of apikey is tied to the consumer.

The question is: Can apikey be bound to the service?

For example:

  • key1 can only access service A;
  • key2 can only access service B.

My understanding is that setting up the key-auth plugin for service means that you configure the authentication mechanism to identify the consumer that did the request.

When you are writing “key1 can only access service A;” , it looks like rather an authorisation. Once you identified the consumer matching with the key1, then you want to authorise him on the service.

I would go with the ACL plugin (
Combining the key-auth plugin for authentication and ACL plugin for authorisation should answer your need