Authentication Options of the API Portal
To let your developers log in to your API Portal, you can choose from the following means of authentication:
For e-mail and password log in, the portal supports reCAPTCHA to avoid robots signing up to your portal; additionally, you can configure the portal to validate email addresses.
Sending lost password reset requests is also supported; you only have to supply the API Portal with SMTP credentials.
Besides the portal authentication, your developers can register applications with the API Portal and subscribe to your APIs. You can choose to authenticate these applications using one of the following methods:
Credentials, i.e. API Keys or Client ID and Client Secret are generated for each application and per API subscription automatically, depending on how you choose to secure your API.
Need other means of authentication? Kong supports additional ones, such as JWT. File an issue on GitHub and tell us.