"Access to this API has been disallowed" error when adding new api endpoint to policy

Hi All

I am using tyk cloud. I have a number of working API endpoints currently all set up through the dashboard. Each uses JWT authentication mode. I have a single policy set up and I can access these endpoints using postman without any errors, supplying a valid JWT token.

However, when I add a new API with the same configuration as the others and add that API to the existing policy and test with a new, valid JWT token with a sub value that has been used before then accessing that endpoint returns

“error”: “Access to this API has been disallowed”

I can access the old APIs with that token, just not the new one. If I generate a new JWT with a new sub, I get access.

It looks like sessions aren’t getting flushed correctly when the policy gets updated? Is this expected behaviour? Its definitely repeatable for me. I’ve tried this several times now using various JWTs and adding new endpoints.

Hi Ken,

I can recreate this issue and have opened up a ticket for it which you can follow here JWT's with existing sub claim cannot access new APIs added to the policy · Issue #1552 · TykTechnologies/tyk · GitHub :slight_smile:

Let me know if you need any more help!


Hey, thanks Luan!

Is there a way to flush the session cache manually?