Microservices Engine:Authentication

Plug-in

Feature description

key-auth

The key-auth plug-in is used for authentication based on API keys. You can use the key-auth plug-in to parse API keys from the URL parameters or request headers of HTTP requests and check whether the API keys are valid for access to services.

basic-auth

The basic-auth plug-in is used for authentication based on the HTTP basic authentication specification.

hmac-auth

The hmac-auth plug-in is used to generate unforgeable signatures for HTTP requests based on the hash-based message authentication code (HMAC) algorithm. The signatures are used for identity authentication.

jwt-auth

The jwt-auth plug-in is used for authentication based on JSON Web Tokens (JWTs). This plug-in allows you to parse JWTs from URL parameters, headers, or cookies in HTTP requests and validate JWTs. In addition to the manual configuration of JWT authentication, you can also use the jwt-auth plug-in. The plug-in provides the caller identification capability and allows you to configure different JWT credentials for different callers.

edas-service-auth

edas-service-auth is a service authentication plug-in that is provided by Enterprise Distributed Application Service (EDAS). edas-service-auth adds authentication information to call requests from a Microservices Engine (MSE) cloud-native gateway to EDAS applications. The authentication information helps implement access control on specific microservice applications.

oauth

The oauth plug-in is used to issue OAuth 2.0 access tokens based on JWTs. The oauth plug-in complies with the RFC 9068 specification.

jwt-logout

The jwt-logout plug-in uses Redis to implement weak state management for JWTs. The plug-in resolves the issue that JWTs do not support proactive logout. You can also use the plug-in to implement single-device login of an account. For example, an account is automatically logged out from a device when the account is used to log on to another device.