Kong · Schema
HmacAuthPluginConfig
API GatewayAI GatewayAI ConnectivityAgent GatewayEvent GatewayMCP RegistryService MeshLLMKafkaKonnectOpen Source
Properties
| Name | Type | Description |
|---|---|---|
| config | object | |
| name | object | |
| protocols | array | A list of the request protocols that will trigger this plugin. The default value, as well as the possible values allowed on this field, may change depending on the plugin type. For example, plugins th |
| route | object | If set, the plugin will only activate when receiving requests via the specified route. Leave unset for the plugin to activate regardless of the route being used. |
| service | object | If set, the plugin will only activate when receiving requests via one of the routes belonging to the specified Service. Leave unset for the plugin to activate regardless of the Service being matched. |
JSON Schema
{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"$id": "#/components/schemas/HmacAuthPluginConfig",
"title": "HmacAuthPluginConfig",
"x-speakeasy-entity": "PluginHmacAuth",
"properties": {
"config": {
"type": "object",
"properties": {
"algorithms": {
"description": "A list of HMAC digest algorithms that the user wants to support. Allowed values are `hmac-sha224`, `hmac-sha256`, `hmac-sha384`, `hmac-sha512`, and `hmac-sha1` (disabled by default, and not available in FIPS mode)",
"type": "array",
"items": {
"enum": [
"hmac-sha1",
"hmac-sha224",
"hmac-sha256",
"hmac-sha384",
"hmac-sha512"
],
"type": "string"
},
"default": [
"hmac-sha224",
"hmac-sha256",
"hmac-sha384",
"hmac-sha512"
]
},
"anonymous": {
"description": "An optional string (Consumer UUID or username) value to use as an \u201canonymous\u201d consumer if authentication fails.",
"type": "string"
},
"clock_skew": {
"description": "Clock skew in seconds to prevent replay attacks.",
"type": "number",
"default": 300
},
"enforce_headers": {
"description": "A list of headers that the client should at least use for HTTP signature creation.",
"type": "array",
"items": {
"type": "string"
},
"default": []
},
"hide_credentials": {
"description": "An optional boolean value telling the plugin to show or hide the credential from the upstream service.",
"type": "boolean",
"default": true
},
"realm": {
"description": "When authentication fails the plugin sends `WWW-Authenticate` header with `realm` attribute value.",
"type": "string"
},
"validate_request_body": {
"description": "A boolean value telling the plugin to enable body validation.",
"type": "boolean",
"default": false
}
}
},
"name": {
"const": "hmac-auth"
},
"protocols": {
"description": "A list of the request protocols that will trigger this plugin. The default value, as well as the possible values allowed on this field, may change depending on the plugin type. For example, plugins that only work in stream mode will only support tcp and tls.",
"type": "array",
"items": {
"enum": [
"grpc",
"grpcs",
"http",
"https",
"ws",
"wss"
],
"type": "string"
},
"format": "set",
"default": [
"grpc",
"grpcs",
"http",
"https",
"ws",
"wss"
]
},
"route": {
"description": "If set, the plugin will only activate when receiving requests via the specified route. Leave unset for the plugin to activate regardless of the route being used.",
"type": "object",
"additionalProperties": false,
"properties": {
"id": {
"type": "string"
}
}
},
"service": {
"description": "If set, the plugin will only activate when receiving requests via one of the routes belonging to the specified Service. Leave unset for the plugin to activate regardless of the Service being matched.",
"type": "object",
"additionalProperties": false,
"properties": {
"id": {
"type": "string"
}
}
}
}
}