Role-based Access Control

Secure your services with Role-based Access Control (RBAC).


Role-based Access Controls make it easy to grant and restrict access to Kong users and developers. By defining specific roles, Kong customers can define how a given individual or group of individuals can interact with Kong and the services exposed through the Kong platform. RBAC can be used to restrict what users can change or view within the Kong Manager, as well as what services they can view or consumer within the Kong Developer Portal. RBAC can also be combined with workspaces to implement group policies across entire development teams, groups of partners, regions or operating environments to minimize friction and ensure compliance.


Create custom roles to define exactly how people can publish, consume or modify services within Kong. Automatically assign roles to users and consumers during the onboarding process to reduce friction. Ensure compliance with organizational and industry policies by restricting access to sensitive information to authorized persons. Take advantage of RBAC within Kong Manager and the Developer Portal to easily grant or limit access privileges to individual users and consumers, or entire teams, partner companies, and environments via Workspaces.

Customer Voice

Customer Voice

“As we evaluated API platforms, it was critical that the vendor we chose could simultaneously support our existing services in the public cloud with what we are building in Kubernetes. Kong offered us the ability to unify services across clouds, which gave us the flexibility to build new services iteratively and how we wanted without fear of cloud lock-in.”

Jason Rodriguez,
VP of Engineering at SoulCycle

Customer Voice

Customer Voice

“We put Agile, DevOps and CI/CD at the heart of everything we do, and we realized that we needed new tooling to match the new ways we wanted to build products and services”

Jason Walker,
Sr Enterprise Architect, Cargill


Increase Compliance

Better comply with local, state and federal regulations by restricting how Kong can be accessed and used. Reduce the likelihood of violations for regulations such as HIPAA, the GDRP, and more by limiting access to sensitive services and data.

Learn More

Reduce Onboarding Friction

Grant appropriate access privileges automatically by assigning a role during the onboarding process. Implement RBAC across entire workspaces to limit what teams, partners, and other stakeholders can see or access.

Learn More

Enforce Standards

Implement RBAC to reduce risk of disruption or breaches. Empower team leaders to manage their entire development pipeline and proactively address production issues. Improve development efficiency by mandating workflow standards.

Learn More


Running Mission-Critical Microservices & APIs on Kong Enterprise

Related Resources


Microservices: The Journey and 3 Challenges You Will Uncover Along the Way


Blowing Up the Monolith


Using Kong Enterprise

Want to learn more?

Request a demo to talk to our experts to answer your questions and explore your needs.