Kong · Authentication Profile

Kong Authentication

Authentication

Kong secures its APIs with apiKey and http across 2 declared security schemes, as derived from its OpenAPI definitions.

API GatewayAI GatewayAI ConnectivityAgent GatewayEvent GatewayMCP RegistryService MeshLLMKafkaKonnectOpen Source
Methods: apiKey, http Schemes: 2 OAuth flows: API key in: header

Security Schemes

adminToken apiKey
· in: header (Kong-Admin-Token)
personalAccessToken http
scheme: bearer

Source

Authentication Profile

Raw ↑
generated: '2026-07-11'
method: derived
source: openapi/kong-gateway-admin-api.yml, openapi/kong-konnect-platform-api.yml
summary:
  types:
  - apiKey
  - http
  api_key_in:
  - header
schemes:
- name: adminToken
  type: apiKey
  in: header
  parameter: Kong-Admin-Token
  sources:
  - openapi/kong-gateway-admin-api.yml
- name: personalAccessToken
  type: http
  scheme: bearer
  bearerFormat: Token
  description: The personal access token is meant to be used as an alternative to basic-auth
    when accessing Konnect via APIs. You can generate a Personal Access Token (PAT) from the
    personal access token page in the Konnect dashboard.
  sources:
  - openapi/kong-konnect-platform-api.yml