For the complete documentation index, see llms.txt. Markdown versions of all docs pages are available by appending .md to any docs URL.
Basic authentication
Verified Code examples on this page have been automatically tested and verified.Configure simple username and password authentication for your routes.
Agentgateway supports more than one configuration style. Where a feature can also be configured in the simplified
llm or mcp modes, the examples on this page show each option in tabs. For more information, see Routing-based configuration.Basic authentication enables a simple username/password authentication mechanism.
Warning
Basic authentication is not generally recommended for production use. At a minimum, use basic authentication along with TLS encryption.
The htpasswd field specifies the username/password pairs. See the htpasswd documentation. The realm field, optionally, specifies the realm name returned in error responses.
Additionally, authentication can run in two different modes:
- Strict: A valid username/password pair must be present.
- Optional (default): If a username/password pair exists, validate it.
Warning: This allows requests without a username/password pair!
# yaml-language-server: $schema=https://agentgateway.dev/schema/config
llm:
policies:
basicAuth:
mode: strict
# Generated with `htpasswd -nb -B user1 agentgateway`
# You can also use:
# htpasswd:
# file: /path/to/htpasswd
# With inline configuration, $ must be escaped to $$.
htpasswd: |
user1:$$2y$$05$$LMZ.8WGNqvagmtJz2Gw6VuiE6khXc2zc0FDTHrfWJyLT66HM8BMAa
realm: example.com
models:
- name: "*"
provider: openAI
params:
apiKey: "$OPENAI_API_KEY"Now to send requests, include the username and password.
curl http://user1:agentgateway@localhost:3000Was this page helpful?
