New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[policy] [api-key] API Key not propagated #1363

MehrCurry opened this Issue Jul 4, 2018 · 2 comments


None yet
4 participants

MehrCurry commented Jul 4, 2018

I created an plan with an API Key authorization and checked "Propagate API Key to upstream API" for the echo service.

Expected Behavior

I expect to see a header containing the api key in the response of the echo service.

Current Behavior

  "headers" : {
    "Host" : "",
    "User-Agent" : "curl/7.52.1",
    "Accept" : "*/*",
    "Accept-Encoding" : "deflate, gzip",
    "X-Forwarded-For" : "",
    "X-Forwarded-Host" : "",
    "X-Forwarded-Proto" : "https",
    "X-Forwarded-Server" : "734bb5636800",
    "X-Gravitee-Transaction-Id" : "0c4f0aee-2dbd-45fb-8f0a-ee2dbdc5fb4b",
    "X-Traefik-Reqid" : "3864574"
  "query_params" : { }

Steps to Reproduce (for bugs)

  1. Create an echo API with endpoint
  2. Create an API Key plan with api key propagation checked
  3. Execute request


Your Environment

  • Version used: 1.15.5
  • Browser Name and version: curl
  • Operating System and version: Linux/Docker

Perhaps same as #1147

@brasseld brasseld self-assigned this Jul 4, 2018

@brasseld brasseld added the type: bug label Jul 4, 2018

@brasseld brasseld added this to the 1.18.0 milestone Jul 4, 2018

@brasseld brasseld changed the title from API Key not propagated to [policy] [api-key] API Key not propagated Jul 4, 2018


This comment has been minimized.

MehrCurry commented Jul 5, 2018

BTW: While further looking around i found two places to configure:

  • when creating a plan a can select "API Key" and check "propagate to downstream" - this is what i did
  • adding an API Key Policy to the service - i tried but did not get it working

How are these things related to each other?


This comment has been minimized.


NicolasGeraud commented Jul 5, 2018

the apikey policy is a legacy one. You should not use it.

the current workaround is to add the transform-headers policy and use our expression language to put the apikey in an header {#context.attributes['api-key']}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment