docs

shreemaan-abhishek · shreemaan-abhishek · commit ce57ee7c3f0e · 2026-01-08T09:21:18.000+05:45
Signed-off-by: Abhishek Choudhary &lt;shreemaan.abhishek@gmail.com&gt;
diff --git a/docs/en/latest/plugins/basic-auth.md b/docs/en/latest/plugins/basic-auth.md
@@ -55,6 +55,7 @@ For Route:
 |------------------|---------|----------|---------|------------------------------------------------------------------------|
 | hide_credentials | boolean | False    | false   | If true, do not pass the authorization request header to Upstream services. |
 | anonymous_consumer | boolean | False    | false | Anonymous Consumer name. If configured, allow anonymous users to bypass the authentication. |
+| realm            | string  | False    | basic | The realm to include in the `WWW-Authenticate` header when authentication fails. |
 
 ## Examples
 
diff --git a/docs/en/latest/plugins/hmac-auth.md b/docs/en/latest/plugins/hmac-auth.md
@@ -57,6 +57,7 @@ The following attributes are available for configurations on Routes or Services.
 | validate_request_body | boolean       | False    | false         |                              | If true, validate the integrity of the request body to ensure it has not been tampered with during transmission. Specifically, the Plugin creates a SHA-256 base64-encoded digest and compare it to the `Digest` header. If the Digest` header is missing or if the digests do not match, the validation fails.                          |
 | hide_credentials | boolean       | False    | false         |                              | If true, do not pass the authorization request header to Upstream services.                        |
 | anonymous_consumer | string    | False    |          |                              | Anonymous Consumer name. If configured, allow anonymous users to bypass the authentication.                        |
+| realm              | string    | False    | hmac     |                              | The realm to include in the `WWW-Authenticate` header when authentication fails.                                                                                             |
 
 NOTE: `encrypt_fields = {"secret_key"}` is also defined in the schema, which means that the field will be stored encrypted in etcd. See [encrypted storage fields](../plugin-develop.md#encrypted-storage-fields).
 
diff --git a/docs/en/latest/plugins/jwt-auth.md b/docs/en/latest/plugins/jwt-auth.md
@@ -68,6 +68,7 @@ For Routes or Services:
 | key_claim_name  | string  | False    | key     | The name of the JWT claim that contains the user key (corresponds to Consumer's key attribute). |
 | anonymous_consumer | string | False  | false  | Anonymous Consumer name. If configured, allow anonymous users to bypass the authentication.   |
 | store_in_ctx     | boolean | False    | false   | Set to true will store the JWT payload in the request context (`ctx.jwt_auth_payload`). This allows lower-priority plugins that run afterwards on the same request to retrieve and use the JWT token. |
+| realm            | string  | False    | jwt     | The realm to include in the `WWW-Authenticate` header when authentication fails. |
 
 You can implement `jwt-auth` with [HashiCorp Vault](https://www.vaultproject.io/) to store and fetch secrets and RSA keys pairs from its [encrypted KV engine](https://developer.hashicorp.com/vault/docs/secrets/kv) using the [APISIX Secret](../terminology/secret.md) resource.
 
diff --git a/docs/en/latest/plugins/key-auth.md b/docs/en/latest/plugins/key-auth.md
@@ -58,6 +58,7 @@ For Route:
 | query  | string | False    | apikey  | The query string to get the key from. Lower priority than header.                                                                                                                                                                                                             |
 | hide_credentials   | boolean | False    | false  | If true, do not pass the header or query string with key to Upstream services.  |
 | anonymous_consumer | string  | False    | false  | Anonymous Consumer name. If configured, allow anonymous users to bypass the authentication.  |
+| realm              | string  | False    | key    | The realm to include in the `WWW-Authenticate` header when authentication fails. |
 
 ## Examples
 
diff --git a/docs/en/latest/plugins/ldap-auth.md b/docs/en/latest/plugins/ldap-auth.md
@@ -53,6 +53,7 @@ For Route:
 | use_tls  | boolean | False    | `false` | If set to `true` uses TLS.                                             |
 | tls_verify| boolean  | False     | `false`        | Whether to verify the server certificate when `use_tls` is enabled; If set to `true`, you must set `ssl_trusted_certificate` in `config.yaml`, and make sure the host of `ldap_uri` matches the host in server certificate. |
 | uid      | string  | False    | `cn`    | uid attribute.                                                         |
+| realm    | string  | False    | ldap    | The realm to include in the `WWW-Authenticate` header when authentication fails.                 |
 
 ## Enable plugin
 
