Allow multiple authentication - Basic Auth and Bearer Token

Support
, , ,
4

Hi @Olu , thanks. I believe I tried that, but here’s a detailed information on this attempt:
When I enable basic and standard auth, I get below errors, no matter if using Authorization header and Basic Auth, or if using AuthToken header.

Authorization header:
{
“error”: “Authorization field missing”
}

image
image1568×244 63.7 KB

Using AuthToken header:
{
“error”: “Authorization field missing”
}

image
image1580×212 59.7 KB

These are the logs when I reload tyk’s config:
**pod/gateway-ql-tyk-headless

time="Feb 06 14:14:12" level=debug msg="Initializing API" api_id=8 api_name=demoapi org_id=1
time="Feb 06 14:14:12" level=debug msg=Init api_id=8 api_name=demoapi mw=VersionCheck org_id=1
time="Feb 06 14:14:12" level=debug msg=Init api_id=8 api_name=demoapi mw=RateCheckMW org_id=1
time="Feb 06 14:14:12" level=debug msg=Init api_id=8 api_name=demoapi mw=BasicAuthKeyIsValid org_id=1
time="Feb 06 14:14:12" level=info msg="Checking security policy: Basic" api_id=8 api_name=demoapi org_id=1
time="Feb 06 14:14:12" level=info msg="Checking security policy: Token" api_id=8 api_name=demoapi org_id=1
time="Feb 06 14:14:12" level=debug msg=Init api_id=8 api_name=demoapi mw=AuthKey org_id=1
time="Feb 06 14:14:12" level=debug msg=Init api_id=8 api_name=demoapi mw=KeyExpired org_id=1
time="Feb 06 14:14:12" level=debug msg=Init api_id=8 api_name=demoapi mw=AccessRightsCheck org_id=1
time="Feb 06 14:14:12" level=debug msg=Init api_id=8 api_name=demoapi mw=GranularAccessMiddleware org_id=1
time="Feb 06 14:14:12" level=debug msg=Init api_id=8 api_name=demoapi mw=RateLimitAndQuotaCheck org_id=1
time="Feb 06 14:14:12" level=debug msg=Init api_id=8 api_name=demoapi mw=VersionCheck org_id=1
time="Feb 06 14:14:12" level=debug msg=Init api_id=8 api_name=demoapi mw=KeyExpired org_id=1
time="Feb 06 14:14:12" level=debug msg=Init api_id=8 api_name=demoapi mw=AccessRightsCheck org_id=1
time="Feb 06 14:14:12" level=debug msg="Rate limit endpoint is: /demoapi/tyk/rate-limits" api_id=8 api_name=demoapi org_id=1
time="Feb 06 14:14:12" level=debug msg="Setting Listen Path: /demoapi/" api_id=8 api_name=demoapi org_id=1

API Definition:

{
      "name": "demoapi",
      "slug": "demoapi",
      "api_id": "8",
      "org_id": "1",
      "base_identity_provided_by": "",
      "use_basic_auth": true,
      "use_keyless": false,
      "use_standard_auth": true,
      "auth_configs": {
        "authToken": {
          "use_param": false,
          "param_name": "",
          "use_cookie": false,
          "auth_header_name": "AuthToken",
          "use_certificate": false,
          "signature": {
            "algorithm": "",
            "header": "",
            "secret": "",
            "allowed_clock_skew": 0,
            "error_code": 0,
            "error_message": ""
          }
        },
        "basic": {
          "use_param": false,
          "param_name": "",
          "use_cookie": false,
          "auth_header_name": "Authorization",
          "use_certificate": false,
          "signature": {
            "algorithm": "",
            "header": "",
            "secret": "",
            "allowed_clock_skew": 0,
            "error_code": 0,
            "error_message": ""
          }
        }
      },
      "definition": {
        "location": "header",
        "key": "x-api-version"
      },
      "version_data": {
        "not_versioned": true,
        "versions": {
          "Default": {
            "name": "v1",
            "use_extended_paths": true
          }
        }
      },
      "proxy": {
        "listen_path": "/demoapi/",
        "target_url": "http://demoapi.demoapi.svc.cluster.local:8888/",
        "strip_listen_path": true
      },
      "active": true
    }

Thanks,
Daniel