Glossary

TermDefinition
AdminAn admin is a Kong Gateway user account capable of accessing the Admin API or Kong Manager.
AuthenticationAuthentication is the process by which a system validates the identity of a user account.
AuthorizationAuthorization is the system of defining access to certain resources. In Kong Gateway, role-based access control (RBAC) is the main authorization mode.
BetaSee stability.
CatalogA list of all specs within a Dev Portal instance. This catalog can react to developer permissions, allowing a given developer to see whatever specs their role permits.
ClientA Kong client refers to the downstream client making requests to Kong Gateway’s proxy port. It could be another service in a distributed application, a user’s identity, a user’s browser, or a specific device.
ConsumerA consumer object represents the client of a service. A consumer is also the Admin API entity representing a developer or machine using the API.
CredentialA unique string associated with a consumer; also referred to as an API key.
Dev PortalA web application that functions as a collection of API products, specs and documentation objects. The purpose of a portal is to allow registration and consumption of services running through Kong to other teams, developers, and partners.
GroupsSets of role-defined entities.
HostA host represents the domain hosts (using DNS) intended to receive upstream traffic. In Kong Gateway, it is a list of domain names that match a route object.
Kong pluginA plugin developed, maintained, and supported by Kong.
PermissionA permission is a policy representing the ability to create, read, update, or destroy an Admin API entity defined by endpoints.
PluginPlugins provide advanced functionality and extend the use of Kong Gateway, allowing you to add new features to your gateway. Plugins can be configured to run in a variety of contexts, ranging from a specific route to all upstreams. Plugins can perform operations in your environment, such as authentication, rate-limiting, or transformations on a proxied request.
ProxyKong Gateway is a reverse proxy that manages traffic between clients and hosts. As a gateway, Kong’s proxy functionality evaluates any incoming HTTP request against configured routes.
Rate LimitingRate limiting allows you to restrict how many requests your upstream services receive from your API consumers, or how often each user can call the API. Rate limiting protects the APIs from inadvertent or malicious overuse.
RoleA role is a set of permissions that may be reused and assigned to admins.
RouteA route, also referred to as a route object, defines rules to match client requests to upstream services. Each route is associated with a service, and a service may have multiple routes associated with it. routes are entry points to upstream services.
ServiceA service, also referred to as a service object, is the upstream APIs and microservices that Kong manages. For example, a service could be a data transformation microservice or a billing API. The main attribute of a service is its URL, the destination where Kong Gateway proxies traffic. The URL can be set as a single string, or by specifying its protocol, host, port, and path.
Super adminA super admin, or any role with read and write access to the /admins and /rbac endpoints, creates new Roles and customize permissions. A super admin can invite and disable other admin accounts, assign and revoke roles to admins, create new roles with custom permissions, and create new workspaces.
SpecAn OpenAPI definition of your service in YAML or JSON format. Can be uploaded to Dev Portal to share with developers in your organization.
TagsTags are customer-defined labels that let you manage, search for, and filter core entities using the ?tags querystring parameter. Tags can be added when creating or editing most core entities. Each tag must be composed of one or more alphanumeric characters, _\, -, . or ~.
TeamsTeams organize developers into working groups.
Tech previewSee stability.
Third-party or community pluginA custom plugin developed, maintained, and supported by an external developer, not by Kong. Kong does not test these plugins, or update their version compatibility.
UpstreamAn upstream object refers to the API or service managed by Kong Gateway, to which client requests are forwarded. An upstream object represents a virtual hostname and can be used to load balance incoming requests over multiple services.
WorkspacesWorkspaces enable an organization to segment objects and admins into namespaces. The segmentation allows teams of admins sharing the same Kong Gateway cluster to adopt roles for interacting with specific objects.