Skip to main content

Enforcement Plugin Customization

Overview

This section provides developer guides for working with Keymate authorization enforcement plugins. These plugins integrate the Access Gateway with API gateways, service mesh, and reverse proxies, enforcing authorization decisions at different network layers. Guides cover local development setup, plugin architecture, configuration, extension points, and contribution workflows.

When to Read This Section

  • You want to integrate Keymate authorization into an Apache APISIX, Istio, or Nginx deployment
  • You want to set up a local development environment for plugin testing
  • You want to extend or customize plugin behavior for your use case
  • You want to understand the plugin architecture and request flow
  • You want to contribute to the enforcement plugin repositories

Who Should Start Here

  • Developer — Developers integrating, extending, or contributing to Keymate enforcement plugins

Key Topics

Plugin Local Development & Test Setup

Set up local development and test environments for APISIX and Istio plugins.

Extending the APISIX Plugin

Apache APISIX plugin architecture, configuration, request flow, and extension points.

Extending the Nginx Plugin

Nginx access plugin configuration and customization.

Extending the Istio Plugin

Istio service mesh plugin configuration, deployment via Kubernetes CRDs, and extension points.

Rust Plugin Development Patterns

Rust-based WASM plugin development for high-performance enforcement.

Contributing to Enforcement Plugins

Contribution workflow, code standards, testing requirements, and CI/CD pipeline.

  1. Plugin Local Development & Test Setup — Set up the local development environment
  2. Extending the APISIX Plugin — Understand Apache APISIX plugin architecture and configuration
  3. Extending the Istio Plugin — Understand Istio service mesh plugin deployment and configuration
  4. Contributing to Enforcement Plugins — Learn the contribution workflow and CI/CD pipeline