Im using Konga for monitor Kong. I setup ACL plugin like this:
Group consumer:
Credential consumer:
Setup ACL plugin for route:
After setup like this, Accessiable Routes tab of consumer already have my setted up route
But when I call API catch: “message”: “You cannot consume this service” response message with 403 Forbidden error code, apikey be setted in header or param is the same result
What did I do wrong?
You did not include your key auth plugin config on the service/route shown here yet either. ACL plugin by itself is not enough.
Your idea is to add the ACL plugin and the key auth plugin at the same time?
I did that but I see that doing so only has the key auth work and the ACL has no effect.
When I turn off or turn on ACL while turning on the route’s key auth plugin, the result is still the same.
I think ACL must take credential of consumer for authentication and authorization, right?