OVERVIEW: Authentication and authorization are very necessary functions in an API gateway. In this way, services that sit behind the gateway can be protected from unauthorized or malicious access, data breaches, and hacks. The Apache APISIX is a dynamic, real-time, high-performance API gateway. And it provides a number of plugins, includes authentication and authorization like key-auth, Open-ID, wolf-RBAC, and so on. This proposal introduces how to use APISIX to do the authentication and authorization.

GOALS:

1. Introduce “what is API gateway Authentication”

2. Introduce “why are API authentication and authorization important”

3. How to use APISIX to do Authentication and Authorization

Speakers:

Xinxin Zhu: The committer of Apache APISIX.Have many years of working experience on CDN and be familiar with the API gateway.