fix(portal): Differences between KAA and ACE#5212
Conversation
Signed-off-by: Diana <75819066+cloudjumpercat@users.noreply.github.com>
…AA content Signed-off-by: Diana <75819066+cloudjumpercat@users.noreply.github.com>
✅ Deploy Preview for kongdeveloper ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
|
This is an excellent upgrade to the subject @cloudjumpercat ! |
smritikjaggi
left a comment
smritikjaggi
left a comment
There was a problem hiding this comment.
Looks good for the most part! Left some minor comments
| key: kaa | ||
| - title: ACE plugin | ||
| key: ace | ||
| rows: |
There was a problem hiding this comment.
Can we add the first row as "scope"? KAA is scoped to a single GW service where as ACE is scoped to an entire CP. I know we have mentioned it in the text above, but might be good to re-iterate it in the table form as well.
The "plugin applied" row covers this information partially, but the main point for that row is that KAA is applied automatically where as ACE must be applied intentionally by the user.
| {% endtable %} | ||
| <!--vale on--> | ||
| {:.danger} | ||
| > **Do not** configure the KAA and ACE plugin on the same control plane because their overlapping interactions can be unpredictable. No newline at end of file |
There was a problem hiding this comment.
Can this be a yellow attention banner? It may be missed in the current format.
| When you link a service with an API, {{site.konnect_short_name}} automatically adds the {{site.konnect_short_name}} Application Auth (KAA) plugin on that Service. The KAA plugin is responsible for applying authentication and authorization on the Service. The [authentication strategy](/dev-portal/auth-strategies/) that you select for the API defines how clients authenticate. While you can't directly modify the KAA plugin as it's managed by {{site.konnect_short_name}}, you can modify the plugin's behavior by adding JSON to the advanced configuration of your application auth strategy. | ||
| {% include /dev-portal/kaa-vs-ace.md %} | ||
|
|
||
| The following diagram shows how the KAA plugin manages authorization and authentication on the linked Service: |
There was a problem hiding this comment.
Do we need a similar diagram for ACE as well? My concern here is that users might think KAA is the preferred plugin given the details in our docs.
Co-authored-by: smritikjaggi <106987435+smritikjaggi@users.noreply.github.com>
… TF how to Signed-off-by: Diana <75819066+cloudjumpercat@users.noreply.github.com>
3 participants
Description
Fixes #5018
Preview Links
Checklist
descriptionentry in frontmatter.