traefik/docs/content/middlewares/http/basicauth.md

---
title: "Traefik BasicAuth Documentation"
description: "The HTTP basic authentication (BasicAuth) middleware in Traefik Proxy restricts access to your Services to known users. Read the technical documentation."
---

# BasicAuth

Adding Basic Authentication
{: .subtitle }

![BasicAuth](../../assets/img/middleware/basicauth.png)

The BasicAuth middleware grants access to services to authorized users only.

## Configuration Examples

```yaml tab="Docker & Swarm"
# Declaring the user list
#
# Note: when used in docker-compose.yml all dollar signs in the hash need to be doubled for escaping.
# To create user:password pair, it's possible to use this command:
# echo $(htpasswd -nB user) | sed -e s/\\$/\\$\\$/g
#
# Also note that dollar signs should NOT be doubled when they not evaluated (e.g. Ansible docker_container module).
labels:
  - "traefik.http.middlewares.test-auth.basicauth.users=test:$$apr1$$H6uskkkW$$IgXLP6ewTrSuBkTrqE8wj/,test2:$$apr1$$d9hr9HBB$$4HxwgUir3HP4EsggP/QNo0"
```

```yaml tab="Kubernetes"
# Declaring the user list
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
  name: test-auth
spec:
  basicAuth:
    secret: secretName
```

```yaml tab="Consul Catalog"
- "traefik.http.middlewares.test-auth.basicauth.users=test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/,test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"
```

```yaml tab="File (YAML)"
# Declaring the user list
http:
  middlewares:
    test-auth:
      basicAuth:
        users:
          - "test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/"
          - "test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"
```

```toml tab="File (TOML)"
# Declaring the user list
[http.middlewares]
  [http.middlewares.test-auth.basicAuth]
  users = [
    "test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/",
    "test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0",
  ]
```

## Configuration Options

### General

Passwords must be hashed using MD5, SHA1, or BCrypt.

!!! tip

    Use `htpasswd` to generate the passwords.

### `users`

The `users` option is an array of authorized users. Each user must be declared using the `name:hashed-password` format.

!!! note ""

    - If both `users` and `usersFile` are provided, the two are merged. The contents of `usersFile` have precedence over the values in `users`.
    - For security reasons, the field `users` doesn't exist for Kubernetes IngressRoute, and one should use the `secret` field instead.

!!! note "Kubernetes kubernetes.io/basic-auth secret type"
    
    Kubernetes supports a special `kubernetes.io/basic-auth` secret type.
    This secret must contain two keys: `username` and `password`.
    Please note that these keys are not hashed or encrypted in any way, and therefore is less secure than other methods.
    You can find more information on the [Kubernetes Basic Authentication Secret Documentation](https://kubernetes.io/docs/concepts/configuration/secret/#basic-authentication-secret)

```yaml tab="Docker & Swarm"
# Declaring the user list
#
# Note: when used in docker-compose.yml all dollar signs in the hash need to be doubled for escaping.
# To create a user:password pair, the following command can be used:
# echo $(htpasswd -nb user password) | sed -e s/\\$/\\$\\$/g
#
# Also note that dollar signs should NOT be doubled when they not evaluated (e.g. Ansible docker_container module).
labels:
  - "traefik.http.middlewares.test-auth.basicauth.users=test:$$apr1$$H6uskkkW$$IgXLP6ewTrSuBkTrqE8wj/,test2:$$apr1$$d9hr9HBB$$4HxwgUir3HP4EsggP/QNo0"
```

```yaml tab="Kubernetes"
# Declaring the user list
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
  name: test-auth
spec:
  basicAuth:
    secret: authsecret

---
# Note: in a kubernetes secret the string (e.g. generated by htpasswd) must be base64-encoded first.
# To create an encoded user:password pair, the following command can be used:
# htpasswd -nb user password | openssl base64

apiVersion: v1
kind: Secret
metadata:
  name: authsecret
  namespace: default
data:
  users: |2
    dGVzdDokYXByMSRINnVza2trVyRJZ1hMUDZld1RyU3VCa1RycUU4d2ovCnRlc3QyOiRhcHIxJGQ5
    aHI5SEJCJDRIeHdnVWlyM0hQNEVzZ2dQL1FObzAK

---
# This is an alternate auth secret that demonstrates the basic-auth secret type.
# Note: the password is not hashed, and is merely base64 encoded.

apiVersion: v1
kind: Secret
metadata:
  name: authsecret2
  namespace: default
type: kubernetes.io/basic-auth
data:
  username: dXNlcg== # username: user
  password: cGFzc3dvcmQ= # password: password
```

```yaml tab="Consul Catalog"
# Declaring the user list
- "traefik.http.middlewares.test-auth.basicauth.users=test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/,test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"
```

```yaml tab="File (YAML)"
# Declaring the user list
http:
  middlewares:
    test-auth:
      basicAuth:
        users:
          - "test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/"
          - "test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"
```

```toml tab="File (TOML)"
# Declaring the user list
[http.middlewares]
  [http.middlewares.test-auth.basicAuth]
    users = [
      "test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/",
      "test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0",
    ]
```

### `usersFile`

The `usersFile` option is the path to an external file that contains the authorized users for the middleware.

The file content is a list of `name:hashed-password`.

!!! note ""

    - If both `users` and `usersFile` are provided, the two are merged. The contents of `usersFile` have precedence over the values in `users`.
    - Because it does not make much sense to refer to a file path on Kubernetes, the `usersFile` field doesn't exist for Kubernetes IngressRoute, and one should use the `secret` field instead.

```yaml tab="Docker & Swarm"
labels:
  - "traefik.http.middlewares.test-auth.basicauth.usersfile=/path/to/my/usersfile"
```

```yaml tab="Kubernetes"
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
  name: test-auth
spec:
  basicAuth:
    secret: authsecret

---
apiVersion: v1
kind: Secret
metadata:
  name: authsecret
  namespace: default

data:
  users: |2
    dGVzdDokYXByMSRINnVza2trVyRJZ1hMUDZld1RyU3VCa1RycUU4d2ovCnRlc3QyOiRhcHIxJGQ5
    aHI5SEJCJDRIeHdnVWlyM0hQNEVzZ2dQL1FObzAK
```

```yaml tab="Consul Catalog"
- "traefik.http.middlewares.test-auth.basicauth.usersfile=/path/to/my/usersfile"
```

```yaml tab="File (YAML)"
http:
  middlewares:
    test-auth:
      basicAuth:
        usersFile: "/path/to/my/usersfile"
```

```toml tab="File (TOML)"
[http.middlewares]
  [http.middlewares.test-auth.basicAuth]
    usersFile = "/path/to/my/usersfile"
```

??? example "A file containing test/test and test2/test2"

    ```txt
    test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/
    test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0
    ```

### `realm`

You can customize the realm for the authentication with the `realm` option. The default value is `traefik`.

```yaml tab="Docker & Swarm"
labels:
  - "traefik.http.middlewares.test-auth.basicauth.realm=MyRealm"
```

```yaml tab="Kubernetes"
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
  name: test-auth
spec:
  basicAuth:
    realm: MyRealm
```

```json tab="Consul Catalog"
- "traefik.http.middlewares.test-auth.basicauth.realm=MyRealm"
```

```yaml tab="File (YAML)"
http:
  middlewares:
    test-auth:
      basicAuth:
        realm: "MyRealm"
```

```toml tab="File (TOML)"
[http.middlewares]
  [http.middlewares.test-auth.basicAuth]
    realm = "MyRealm"
```

### `headerField`

You can define a header field to store the authenticated user using the `headerField`option.

```yaml tab="Docker & Swarm"
labels:
  - "traefik.http.middlewares.my-auth.basicauth.headerField=X-WebAuth-User"
```

```yaml tab="Kubernetes"
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
  name: my-auth
spec:
  basicAuth:
    # ...
    headerField: X-WebAuth-User
```

```json tab="Consul Catalog"
- "traefik.http.middlewares.my-auth.basicauth.headerField=X-WebAuth-User"
```

```yaml tab="File (YAML)"
http:
  middlewares:
    my-auth:
      basicAuth:
        # ...
        headerField: "X-WebAuth-User"
```

```toml tab="File (TOML)"
[http.middlewares.my-auth.basicAuth]
  # ...
  headerField = "X-WebAuth-User"
```

### `removeHeader`

Set the `removeHeader` option to `true` to remove the authorization header before forwarding the request to your service. (Default value is `false`.)

```yaml tab="Docker & Swarm"
labels:
  - "traefik.http.middlewares.test-auth.basicauth.removeheader=true"
```

```yaml tab="Kubernetes"
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
  name: test-auth
spec:
  basicAuth:
    removeHeader: true
```

```json tab="Consul Catalog"
- "traefik.http.middlewares.test-auth.basicauth.removeheader=true"
```

```yaml tab="File (YAML)"
http:
  middlewares:
    test-auth:
      basicAuth:
        removeHeader: true
```

```toml tab="File (TOML)"
[http.middlewares]
  [http.middlewares.test-auth.basicAuth]
    removeHeader = true
```
Add title and description metadata to documentation pages 2022-04-15 13:44:08 +00:00			`---`
			`title: "Traefik BasicAuth Documentation"`
			`description: "The HTTP basic authentication (BasicAuth) middleware in Traefik Proxy restricts access to your Services to known users. Read the technical documentation."`
			`---`

Documentation Revamp Co-authored-by: jbdoumenjou <jb.doumenjou@gmail.com> 2019-02-26 13:50:07 +00:00			`# BasicAuth`

			`Adding Basic Authentication`
			`{: .subtitle }`

Add TCP Middlewares support 2021-06-11 13:30:05 +00:00			`![BasicAuth](../../assets/img/middleware/basicauth.png)`
Documentation Revamp Co-authored-by: jbdoumenjou <jb.doumenjou@gmail.com> 2019-02-26 13:50:07 +00:00
Rephrase BasicAuth and DigestAuth docs 2023-11-10 08:32:05 +00:00			`The BasicAuth middleware grants access to services to authorized users only.`
Documentation Revamp Co-authored-by: jbdoumenjou <jb.doumenjou@gmail.com> 2019-02-26 13:50:07 +00:00
			`## Configuration Examples`

Split Docker provider 2023-05-10 13:28:05 +00:00			```yaml tab="Docker & Swarm"
Enhance middleware examples. 2019-03-29 11:34:05 +00:00			`# Declaring the user list`
docker-compose basic auth needs dubble dollar signs 2019-05-03 08:16:06 +00:00			`#`
Update basicauth.md 2020-07-01 10:28:04 +00:00			`# Note: when used in docker-compose.yml all dollar signs in the hash need to be doubled for escaping.`
docker-compose basic auth needs dubble dollar signs 2019-05-03 08:16:06 +00:00			`# To create user:password pair, it's possible to use this command:`
Doc: improve basic auth middleware httpasswd example 2021-03-22 14:26:03 +00:00			`# echo $(htpasswd -nB user) \| sed -e s/\\$/\\$\\$/g`
Update basicauth.md 2020-07-01 10:28:04 +00:00			`#`
			`# Also note that dollar signs should NOT be doubled when they not evaluated (e.g. Ansible docker_container module).`
Enhance middleware examples. 2019-03-29 11:34:05 +00:00			`labels:`
YAML I love you 2019-09-23 15:00:06 +00:00			`- "traefik.http.middlewares.test-auth.basicauth.users=test:$$apr1$$H6uskkkW$$IgXLP6ewTrSuBkTrqE8wj/,test2:$$apr1$$d9hr9HBB$$4HxwgUir3HP4EsggP/QNo0"`
Adds middlewares examples for k8s. 2019-04-03 12:32:04 +00:00			```

			```yaml tab="Kubernetes"
			`# Declaring the user list`
Introduce traefik.io API Group CRDs 2023-03-20 14:38:08 +00:00			`apiVersion: traefik.io/v1alpha1`
Adds middlewares examples for k8s. 2019-04-03 12:32:04 +00:00			`kind: Middleware`
			`metadata:`
			`name: test-auth`
			`spec:`
			`basicAuth:`
Auth middlewares in kubernetes CRD uses secrets 2019-09-05 11:42:04 +00:00			`secret: secretName`
Enhance middleware examples. 2019-03-29 11:34:05 +00:00			```

Add Consul Catalog provider 2019-10-15 15:34:08 +00:00			```yaml tab="Consul Catalog"
			`- "traefik.http.middlewares.test-auth.basicauth.users=test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/,test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"`
			```

doc: improve examples. 2019-07-22 07:58:04 +00:00			```yaml tab="File (YAML)"
			`# Declaring the user list`
			`http:`
			`middlewares:`
			`test-auth:`
			`basicAuth:`
			`users:`
Changing default file format for the snippets from TOML to YAML 2021-06-18 22:08:08 +00:00			`- "test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/"`
YAML I love you 2019-09-23 15:00:06 +00:00			`- "test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"`
doc: improve examples. 2019-07-22 07:58:04 +00:00			```

Changing default file format for the snippets from TOML to YAML 2021-06-18 22:08:08 +00:00			```toml tab="File (TOML)"
			`# Declaring the user list`
			`[http.middlewares]`
			`[http.middlewares.test-auth.basicAuth]`
			`users = [`
			`"test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/",`
			`"test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0",`
			`]`
			```

Documentation Revamp Co-authored-by: jbdoumenjou <jb.doumenjou@gmail.com> 2019-02-26 13:50:07 +00:00			`## Configuration Options`

			`### General`

docs: terminology, replace 'encoded' by 'hashed' 2020-03-13 16:30:04 +00:00			`Passwords must be hashed using MD5, SHA1, or BCrypt.`
Documentation Revamp Co-authored-by: jbdoumenjou <jb.doumenjou@gmail.com> 2019-02-26 13:50:07 +00:00
Changing default file format for the snippets from TOML to YAML 2021-06-18 22:08:08 +00:00			`!!! tip`
Use the same case everywhere 2019-07-01 09:30:05 +00:00
Documentation Revamp Co-authored-by: jbdoumenjou <jb.doumenjou@gmail.com> 2019-02-26 13:50:07 +00:00			Use `htpasswd` to generate the passwords.

Adds middlewares examples for k8s. 2019-04-03 12:32:04 +00:00			### `users`
Documentation Revamp Co-authored-by: jbdoumenjou <jb.doumenjou@gmail.com> 2019-02-26 13:50:07 +00:00
Middleware documentation fixes 2021-02-11 13:34:04 +00:00			The `users` option is an array of authorized users. Each user must be declared using the `name:hashed-password` format.
Documentation Revamp Co-authored-by: jbdoumenjou <jb.doumenjou@gmail.com> 2019-02-26 13:50:07 +00:00
Improve routing documentation 2019-09-23 12:32:04 +00:00			`!!! note ""`
Changing default file format for the snippets from TOML to YAML 2021-06-18 22:08:08 +00:00
Auth middlewares in kubernetes CRD uses secrets 2019-09-05 11:42:04 +00:00			- If both `users` and `usersFile` are provided, the two are merged. The contents of `usersFile` have precedence over the values in `users`.
			- For security reasons, the field `users` doesn't exist for Kubernetes IngressRoute, and one should use the `secret` field instead.

Support Kubernetes basic-auth secrets Co-authored-by: Romain <rtribotte@users.noreply.github.com> 2021-09-14 13:16:11 +00:00			`!!! note "Kubernetes kubernetes.io/basic-auth secret type"`

			Kubernetes supports a special `kubernetes.io/basic-auth` secret type.
			This secret must contain two keys: `username` and `password`.
			`Please note that these keys are not hashed or encrypted in any way, and therefore is less secure than other methods.`
			`You can find more information on the [Kubernetes Basic Authentication Secret Documentation](https://kubernetes.io/docs/concepts/configuration/secret/#basic-authentication-secret)`

Split Docker provider 2023-05-10 13:28:05 +00:00			```yaml tab="Docker & Swarm"
Auth middlewares in kubernetes CRD uses secrets 2019-09-05 11:42:04 +00:00			`# Declaring the user list`
			`#`
doc: align docker configuration example notes in basicauth HTTP middleware 2021-12-07 09:04:05 +00:00			`# Note: when used in docker-compose.yml all dollar signs in the hash need to be doubled for escaping.`
Adding an explanation how to use `htpasswd` for k8s secret 2020-01-20 12:24:05 +00:00			`# To create a user:password pair, the following command can be used:`
Auth middlewares in kubernetes CRD uses secrets 2019-09-05 11:42:04 +00:00			`# echo $(htpasswd -nb user password) \| sed -e s/\\$/\\$\\$/g`
doc: align docker configuration example notes in basicauth HTTP middleware 2021-12-07 09:04:05 +00:00			`#`
			`# Also note that dollar signs should NOT be doubled when they not evaluated (e.g. Ansible docker_container module).`
Auth middlewares in kubernetes CRD uses secrets 2019-09-05 11:42:04 +00:00			`labels:`
YAML I love you 2019-09-23 15:00:06 +00:00			`- "traefik.http.middlewares.test-auth.basicauth.users=test:$$apr1$$H6uskkkW$$IgXLP6ewTrSuBkTrqE8wj/,test2:$$apr1$$d9hr9HBB$$4HxwgUir3HP4EsggP/QNo0"`
Auth middlewares in kubernetes CRD uses secrets 2019-09-05 11:42:04 +00:00			```

			```yaml tab="Kubernetes"
			`# Declaring the user list`
Introduce traefik.io API Group CRDs 2023-03-20 14:38:08 +00:00			`apiVersion: traefik.io/v1alpha1`
Auth middlewares in kubernetes CRD uses secrets 2019-09-05 11:42:04 +00:00			`kind: Middleware`
			`metadata:`
			`name: test-auth`
			`spec:`
			`basicAuth:`
			`secret: authsecret`

			`---`
Adding an explanation how to use `htpasswd` for k8s secret 2020-01-20 12:24:05 +00:00			`# Note: in a kubernetes secret the string (e.g. generated by htpasswd) must be base64-encoded first.`
			`# To create an encoded user:password pair, the following command can be used:`
			`# htpasswd -nb user password \| openssl base64`

Auth middlewares in kubernetes CRD uses secrets 2019-09-05 11:42:04 +00:00			`apiVersion: v1`
			`kind: Secret`
			`metadata:`
			`name: authsecret`
			`namespace: default`
			`data:`
			`users: \|2`
			`dGVzdDokYXByMSRINnVza2trVyRJZ1hMUDZld1RyU3VCa1RycUU4d2ovCnRlc3QyOiRhcHIxJGQ5`
			`aHI5SEJCJDRIeHdnVWlyM0hQNEVzZ2dQL1FObzAK`
Support Kubernetes basic-auth secrets Co-authored-by: Romain <rtribotte@users.noreply.github.com> 2021-09-14 13:16:11 +00:00
			`---`
			`# This is an alternate auth secret that demonstrates the basic-auth secret type.`
			`# Note: the password is not hashed, and is merely base64 encoded.`

			`apiVersion: v1`
			`kind: Secret`
			`metadata:`
			`name: authsecret2`
			`namespace: default`
			`type: kubernetes.io/basic-auth`
			`data:`
			`username: dXNlcg== # username: user`
			`password: cGFzc3dvcmQ= # password: password`
Auth middlewares in kubernetes CRD uses secrets 2019-09-05 11:42:04 +00:00			```

Add Consul Catalog provider 2019-10-15 15:34:08 +00:00			```yaml tab="Consul Catalog"
			`# Declaring the user list`
			`- "traefik.http.middlewares.test-auth.basicauth.users=test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/,test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"`
			```

Auth middlewares in kubernetes CRD uses secrets 2019-09-05 11:42:04 +00:00			```yaml tab="File (YAML)"
			`# Declaring the user list`
			`http:`
			`middlewares:`
			`test-auth:`
			`basicAuth:`
			`users:`
Changing default file format for the snippets from TOML to YAML 2021-06-18 22:08:08 +00:00			`- "test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/"`
YAML I love you 2019-09-23 15:00:06 +00:00			`- "test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"`
Auth middlewares in kubernetes CRD uses secrets 2019-09-05 11:42:04 +00:00			```

Changing default file format for the snippets from TOML to YAML 2021-06-18 22:08:08 +00:00			```toml tab="File (TOML)"
			`# Declaring the user list`
			`[http.middlewares]`
			`[http.middlewares.test-auth.basicAuth]`
			`users = [`
			`"test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/",`
			`"test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0",`
			`]`
			```

Adds middlewares examples for k8s. 2019-04-03 12:32:04 +00:00			### `usersFile`
Documentation Revamp Co-authored-by: jbdoumenjou <jb.doumenjou@gmail.com> 2019-02-26 13:50:07 +00:00
			The `usersFile` option is the path to an external file that contains the authorized users for the middleware.

docs: terminology, replace 'encoded' by 'hashed' 2020-03-13 16:30:04 +00:00			The file content is a list of `name:hashed-password`.
Documentation Revamp Co-authored-by: jbdoumenjou <jb.doumenjou@gmail.com> 2019-02-26 13:50:07 +00:00
Improve routing documentation 2019-09-23 12:32:04 +00:00			`!!! note ""`
Changing default file format for the snippets from TOML to YAML 2021-06-18 22:08:08 +00:00
Auth middlewares in kubernetes CRD uses secrets 2019-09-05 11:42:04 +00:00			- If both `users` and `usersFile` are provided, the two are merged. The contents of `usersFile` have precedence over the values in `users`.
Changing default file format for the snippets from TOML to YAML 2021-06-18 22:08:08 +00:00			- Because it does not make much sense to refer to a file path on Kubernetes, the `usersFile` field doesn't exist for Kubernetes IngressRoute, and one should use the `secret` field instead.
Auth middlewares in kubernetes CRD uses secrets 2019-09-05 11:42:04 +00:00
Split Docker provider 2023-05-10 13:28:05 +00:00			```yaml tab="Docker & Swarm"
Auth middlewares in kubernetes CRD uses secrets 2019-09-05 11:42:04 +00:00			`labels:`
YAML I love you 2019-09-23 15:00:06 +00:00			`- "traefik.http.middlewares.test-auth.basicauth.usersfile=/path/to/my/usersfile"`
Auth middlewares in kubernetes CRD uses secrets 2019-09-05 11:42:04 +00:00			```

			```yaml tab="Kubernetes"
Introduce traefik.io API Group CRDs 2023-03-20 14:38:08 +00:00			`apiVersion: traefik.io/v1alpha1`
Auth middlewares in kubernetes CRD uses secrets 2019-09-05 11:42:04 +00:00			`kind: Middleware`
			`metadata:`
			`name: test-auth`
			`spec:`
			`basicAuth:`
			`secret: authsecret`

			`---`
			`apiVersion: v1`
			`kind: Secret`
			`metadata:`
			`name: authsecret`
			`namespace: default`

			`data:`
			`users: \|2`
			`dGVzdDokYXByMSRINnVza2trVyRJZ1hMUDZld1RyU3VCa1RycUU4d2ovCnRlc3QyOiRhcHIxJGQ5`
			`aHI5SEJCJDRIeHdnVWlyM0hQNEVzZ2dQL1FObzAK`
			```

Add Consul Catalog provider 2019-10-15 15:34:08 +00:00			```yaml tab="Consul Catalog"
			`- "traefik.http.middlewares.test-auth.basicauth.usersfile=/path/to/my/usersfile"`
			```

Auth middlewares in kubernetes CRD uses secrets 2019-09-05 11:42:04 +00:00			```yaml tab="File (YAML)"
			`http:`
			`middlewares:`
			`test-auth:`
			`basicAuth:`
			`usersFile: "/path/to/my/usersfile"`
			```

Changing default file format for the snippets from TOML to YAML 2021-06-18 22:08:08 +00:00			```toml tab="File (TOML)"
			`[http.middlewares]`
			`[http.middlewares.test-auth.basicAuth]`
			`usersFile = "/path/to/my/usersfile"`
			```

Documentation Revamp Co-authored-by: jbdoumenjou <jb.doumenjou@gmail.com> 2019-02-26 13:50:07 +00:00			`??? example "A file containing test/test and test2/test2"`

Review documentation 2019-04-24 15:44:04 +00:00			```txt
Documentation Revamp Co-authored-by: jbdoumenjou <jb.doumenjou@gmail.com> 2019-02-26 13:50:07 +00:00			`test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/`
			`test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0`
			```

Adds middlewares examples for k8s. 2019-04-03 12:32:04 +00:00			### `realm`
Documentation Revamp Co-authored-by: jbdoumenjou <jb.doumenjou@gmail.com> 2019-02-26 13:50:07 +00:00
Changing default file format for the snippets from TOML to YAML 2021-06-18 22:08:08 +00:00			You can customize the realm for the authentication with the `realm` option. The default value is `traefik`.
Documentation Revamp Co-authored-by: jbdoumenjou <jb.doumenjou@gmail.com> 2019-02-26 13:50:07 +00:00
Split Docker provider 2023-05-10 13:28:05 +00:00			```yaml tab="Docker & Swarm"
Auth middlewares in kubernetes CRD uses secrets 2019-09-05 11:42:04 +00:00			`labels:`
YAML I love you 2019-09-23 15:00:06 +00:00			`- "traefik.http.middlewares.test-auth.basicauth.realm=MyRealm"`
Auth middlewares in kubernetes CRD uses secrets 2019-09-05 11:42:04 +00:00			```

			```yaml tab="Kubernetes"
Introduce traefik.io API Group CRDs 2023-03-20 14:38:08 +00:00			`apiVersion: traefik.io/v1alpha1`
Auth middlewares in kubernetes CRD uses secrets 2019-09-05 11:42:04 +00:00			`kind: Middleware`
			`metadata:`
			`name: test-auth`
			`spec:`
			`basicAuth:`
			`realm: MyRealm`
			```

Add Consul Catalog provider 2019-10-15 15:34:08 +00:00			```json tab="Consul Catalog"
			`- "traefik.http.middlewares.test-auth.basicauth.realm=MyRealm"`
			```

Auth middlewares in kubernetes CRD uses secrets 2019-09-05 11:42:04 +00:00			```yaml tab="File (YAML)"
			`http:`
			`middlewares:`
			`test-auth:`
			`basicAuth:`
			`realm: "MyRealm"`
			```

Changing default file format for the snippets from TOML to YAML 2021-06-18 22:08:08 +00:00			```toml tab="File (TOML)"
			`[http.middlewares]`
			`[http.middlewares.test-auth.basicAuth]`
			`realm = "MyRealm"`
			```

Adds middlewares examples for k8s. 2019-04-03 12:32:04 +00:00			### `headerField`
Documentation Revamp Co-authored-by: jbdoumenjou <jb.doumenjou@gmail.com> 2019-02-26 13:50:07 +00:00
Fix some documentation issues 2019-09-03 16:02:05 +00:00			You can define a header field to store the authenticated user using the `headerField`option.
Documentation Revamp Co-authored-by: jbdoumenjou <jb.doumenjou@gmail.com> 2019-02-26 13:50:07 +00:00
Split Docker provider 2023-05-10 13:28:05 +00:00			```yaml tab="Docker & Swarm"
Adds middlewares examples for k8s. 2019-04-03 12:32:04 +00:00			`labels:`
YAML I love you 2019-09-23 15:00:06 +00:00			`- "traefik.http.middlewares.my-auth.basicauth.headerField=X-WebAuth-User"`
Adds middlewares examples for k8s. 2019-04-03 12:32:04 +00:00			```
Documentation Revamp Co-authored-by: jbdoumenjou <jb.doumenjou@gmail.com> 2019-02-26 13:50:07 +00:00
Adds middlewares examples for k8s. 2019-04-03 12:32:04 +00:00			```yaml tab="Kubernetes"
Introduce traefik.io API Group CRDs 2023-03-20 14:38:08 +00:00			`apiVersion: traefik.io/v1alpha1`
Adds middlewares examples for k8s. 2019-04-03 12:32:04 +00:00			`kind: Middleware`
			`metadata:`
			`name: my-auth`
			`spec:`
			`basicAuth:`
			`# ...`
			`headerField: X-WebAuth-User`
			```

Add Consul Catalog provider 2019-10-15 15:34:08 +00:00			```json tab="Consul Catalog"
			`- "traefik.http.middlewares.my-auth.basicauth.headerField=X-WebAuth-User"`
			```

doc: improve examples. 2019-07-22 07:58:04 +00:00			```yaml tab="File (YAML)"
			`http:`
			`middlewares:`
			`my-auth:`
			`basicAuth:`
			`# ...`
			`headerField: "X-WebAuth-User"`
			```

Changing default file format for the snippets from TOML to YAML 2021-06-18 22:08:08 +00:00			```toml tab="File (TOML)"
			`[http.middlewares.my-auth.basicAuth]`
			`# ...`
			`headerField = "X-WebAuth-User"`
			```

Adds middlewares examples for k8s. 2019-04-03 12:32:04 +00:00			### `removeHeader`
Documentation Revamp Co-authored-by: jbdoumenjou <jb.doumenjou@gmail.com> 2019-02-26 13:50:07 +00:00
			Set the `removeHeader` option to `true` to remove the authorization header before forwarding the request to your service. (Default value is `false`.)
Auth middlewares in kubernetes CRD uses secrets 2019-09-05 11:42:04 +00:00
Split Docker provider 2023-05-10 13:28:05 +00:00			```yaml tab="Docker & Swarm"
Auth middlewares in kubernetes CRD uses secrets 2019-09-05 11:42:04 +00:00			`labels:`
YAML I love you 2019-09-23 15:00:06 +00:00			`- "traefik.http.middlewares.test-auth.basicauth.removeheader=true"`
Auth middlewares in kubernetes CRD uses secrets 2019-09-05 11:42:04 +00:00			```

			```yaml tab="Kubernetes"
Introduce traefik.io API Group CRDs 2023-03-20 14:38:08 +00:00			`apiVersion: traefik.io/v1alpha1`
Auth middlewares in kubernetes CRD uses secrets 2019-09-05 11:42:04 +00:00			`kind: Middleware`
			`metadata:`
			`name: test-auth`
			`spec:`
			`basicAuth:`
			`removeHeader: true`
			```

Add Consul Catalog provider 2019-10-15 15:34:08 +00:00			```json tab="Consul Catalog"
			`- "traefik.http.middlewares.test-auth.basicauth.removeheader=true"`
			```

Auth middlewares in kubernetes CRD uses secrets 2019-09-05 11:42:04 +00:00			```yaml tab="File (YAML)"
			`http:`
			`middlewares:`
			`test-auth:`
			`basicAuth:`
			`removeHeader: true`
			```
Changing default file format for the snippets from TOML to YAML 2021-06-18 22:08:08 +00:00
			```toml tab="File (TOML)"
			`[http.middlewares]`
			`[http.middlewares.test-auth.basicAuth]`
			`removeHeader = true`
			```