Home / Dev Portal
Edit
Report

Self-service developer and application registration

Beta and uses: Dev Portal
Related Documentation
All Dev Portal Documentation
OpenAPI Specifications
Konnect Portal Management
Incompatible with
on-prem
Tags
#application-registration #authentication #beta
Related Resources
SSO reference
Auth strategies
Developer sign-up
Configure Dynamic Client Registration with Okta
Configure Dynamic Client Registration with Curity
Configure Dynamic Client Registration with Auth0

Konnect Dev Portal provides flexible options for controlling access to content and APIs. When combined with a Gateway Service, developers visiting a Dev Portal can sign up, create an application, register it with an API, and retrieve API keys without intervention from Dev Portal administrators.

Developer sign ups and application creation require admin approval by default, which can be adjusted through the Konnect UI in Settings > Security.

Application registration is enabled by:

  • Enabling user authentication

  • Linking an API to a Gateway Service v3.6+

    This is required to enforce auth strategies.

  • Publishing an API to a Dev Portal

  • Selecting an authentication strategy when publishing the API to a Dev Portal

    This only applies to new APIs, it doesn’t retroactively change existing APIs.

Enable self-service app registration

Navigate to Settings > Security in your Dev Portal to manage registration flows.

For private portals, user authentication is enabled by default, and the default application Auth Strategy is key-auth.

For public content with restricted access, use visibility settings to show public Pages or APIs to anonymous users while restricting actions to logged-in users.

Region-specific applications

Applications and API keys are specific to a geographic region. When you enable application registration by selecting an authentication strategy during publication, the resulting applications and API keys are tied to the developers and traffic in that region.

Konnect application auth plugin

When you select an authentication strategy during API publication to a Dev Portal, Konnect automatically configures the Konnect application auth (KAA) plugin on the linked Gateway Service.

The KAA plugin enforces authentication using one of the following modes:

If no Gateway Service is linked at the time of configuration, the settings are saved and applied once a Service is linked. If a Service is later unlinked, the plugin is removed and applied to the next linked Service.

Something wrong?
Report an Issue | Edit this Page

Help us make these docs great!

Kong Developer docs are open source. If you find these useful and want to make them better, contribute today!
Contribute

Still need help

Ask in our Forum
Contact Support