Source authetication using Kong

Is there a way to authenticate request source and API key together?

Scenario is like this :
If valid source IP range is

Kong should check API key and whether its incoming source is within the defined IP range, if both are valid, allowed to access the service.

I couldnt find a resource for this.

Kong has IP restriction plugin and key auth plugin. Maybe you can enable both plugin on your API service/route.


© 2019 Kong Inc.    Terms  •  Privacy  •  FAQ