Securing Endpoints with Basic Authentication
Basic Authentication (Basic Auth) is a simple but effective way to restrict access to your services by requiring a valid username and password before allowing requests to reach your upstream service.
When Basic Authentication is enabled:
🔐 Requests without valid credentials are automatically rejected with a 401 Unauthorized response.
🔐 Only authenticated users can access your protected services.
⚡ Authentication is enforced at the gateway level, reducing security overhead for your backend.
🔍 What are the Benefits of Basic Authentication?
HTTP Basic Authentication is a simple yet effective way to restrict access to sensitive services without requiring complex identity providers or OAuth-based authentication systems.
Key Benefits:
- Securing development or staging environments from public access.
- Adding a lightweight authentication layer when no other auth system is available.
- Protecting internal admin panels, dashboards, or API endpoints.
- Protect temporary or short-lived services without setting up an OAuth provider.
If you need more secure authentication methods for production traffic, consider the OAuth, OIDC, and JWT Validation guides.
Basic Authentication Examples
The following examples show how to set up an endpoint that accepts requests that contian basic auth credentials for either user:password1
or admin:password2
.
All other requests will be denied with a 401
response code.
Check out the basic auth traffic policy action page for more details about how it functions and the parameters it accepts.
- AgentEndpoint
- CloudEndpoint
- Ingress
- Gateway API
Loading…
Loading…
💡 Ingress
resources do not natively support Basic Authentication, but they can be extended using a traffic policy.
1. Create an NgrokTrafficPolicy
Loading…
2. Use the NgrokTrafficPolicy
on an Ingress
Loading…
💡 Gateway API resources do not natively support Basic Authentication, but they can be extended using a traffic policy.
1. Create an NgrokTrafficPolicy
Loading…
2. Use the NgrokTrafficPolicy
on a Gateway
The following example showcases supplying the NgrokTrafficPolicy
on a Gateway
resource. All requests to the Gateway
will run the traffic policy.
If you prefer, NgrokTrafficPolicy
can also be used on the route level by using an externalRef
filter on an HTTPRoute
. See the using Gateway API guide for examples.
Loading…