Auth field missing when accessing ignored path

I’m sure I’m missing something obvious here. Can anyone point me to what I’m doing wrong or what docs I should be looking at? I’ve searched around, but can’t seem to find anything that points to what I should be doing. I don’t want to override the endpoint, I just don’t want to require any auth for it.

Here’s my api def:

{
    "name": "User Service",
    "api_id": "user",
    "definition": {
        "location": "header",
        "key": "version"
    },
    "auth": {
        "auth_header_name": "authorization"
    },
    "version_data": {
        "not_versioned": true,
        "versions": {
            "Default": {
                "name": "Default",
                "use_extended_paths": true,
                "paths": {
                    "ignored": [
                        {
                            "path": "health"
                        }
                    ]
                }
            }
        }
    },
    "proxy": {
        "listen_path": "/us/",
        "target_url": "http://localhost:8081/api/v1/",
        "strip_listen_path": true
    },
    "active": true
}

If I try to hit the service without Tyk, it’s fine:

curl http://localhost:8081/api/v1/health
"ok"%                                   

But if I try going through Tyk, it’s not at all:

curl http://localhost:8080/us/health
{
    "error": "Authorization field missing"
}%

Looks like the api def isn’t getting loaded… when I hit the api endpoint, I’m not seeing the ignored path:

Guessing this is the issue. I don’t know why that is though. It’s picking up everything else in the def. Tried bringing it down and back up instead of hot reload too (even though hot reload pulled in other changes).

"version_data": {
        "not_versioned": true,
        "default_version": "",
        "versions": {
            "Default": {
                "name": "Default",
                "expires": "",
                "paths": {
                    "ignored": [
                        ""
                    ],
                    "white_list": null,
                    "black_list": null
                },
                "use_extended_paths": true,
                "extended_paths": {},
                "global_headers": null,
                "global_headers_remove": null,
                "global_response_headers": null,
                "global_response_headers_remove": null,
                "ignore_endpoint_case": false,
                "global_size_limit": 0,
                "override_target": ""
            }
        }
    },

So, I was able to resolve the above issue by updating the def to:

                "paths": {
                    "ignored": [
                        "/health"
                    ]
                }

Now when I hit the api def endpoint I see:

        "versions": {
            "Default": {
                "name": "Default",
                "expires": "",
                "paths": {
                    "ignored": [
                        "/health"
                    ],
                    "white_list": null,
                    "black_list": null
                },
                "use_extended_paths": true,
                "extended_paths": {},
                "global_headers": null,
                "global_headers_remove": null,
                "global_response_headers": null,
                "global_response_headers_remove": null,
                "ignore_endpoint_case": false,
                "global_size_limit": 0,
                "override_target": ""
            }
        }

While this is an improvement, it hasn’t resolved the issue :frowning:

curl http://localhost:8080/us/health
{
    "error": "Authorization field missing"
}%                                       

Looks like what I’m trying to do can’t be done.

I lost the thread, but the gist of the solution was to have two API defs both pointed at the same upstream server. One secured, and the other not. The problem now is that I’m not sure how that was set up.

I thought use_keyless would work along with a whitelist, but it seems that once you go keyless, the whitelist stuff isn’t respected. Or maybe I just couldn’t get it to work. I thought I’d read that a white list implies any other route is not ok, but that wasn’t happening.

I just created a different target path for the same server in the end. Probably safer anyway.

Thank you for posting your question again in our community.

From what I understand, you are setting up an ignored path because you don’t want to require any auth for it. Is this correct?

Upon checking, it seems that you are putting the ignored path inside version_data.versions.Default.paths.ignored but it seems to still require auth (Auth field missing). From our documentation, the section that will define methods and paths that will be ignored and will bypass the quota and rate limiting machinery of Tyk should be the version_data.{version-name}.extended_paths.ignored.

It should be something like this:

...
"extended_paths": {
            "ignored": [
              {
                "path": "/health",
                "ignore_case": false,
                "method_actions": {
                  "GET": {
                    "action": "no_action",
                    "code": 200,
                    "headers": {}
                  }
                }
              }
            ]
         }
......

You can also define this in your endpoint designer using plugin ignore.
I tested this in my local and I can see that even if the authentication of my API is set to Authentication token, I can still access this ignored path without using an auth.

@jonlink_mf I think the main issue you are having is in the API definition field use_extended_paths: true. This means that you have informed the API to use the new extended paths feature. If you set the value to false, then your third post should work.

I cannot remember but I think the extended paths was created to allow more middleware functionality like url_rewrite, transformations, virtual endpoint etc. You could use what @Page has suggested and add the ignored path to your extended paths instead. There is also a similar thread about that here

Or you could disable extended_paths and use your earlier post. However, I think it is supposed to be a deprecated feature and only works because of backward compatibility.

@Page and @Olu thank you sincerely! I tried just about every variation I could imagine with and without extended paths. I think being tired and stuck made me sloppy because I tried again and it did work as described.

Unfortunately, I can’t speak to what mistake I might’ve made when I tried something similar to what was suggested (for some future person who may run into the same issue). Instead I’ll just post the entirety of the config section responsible for this feature.

    "version_data": {
        "not_versioned": true,
        "versions": {
            "Default": {
                "name": "Default",
                "use_extended_paths": true,
                "extended_paths": {
                    "ignored": [
                        {
                            "path": "/health",
                            "ignore_case": true,
                            "method_actions": {
                                "GET": {
                                    "action": "no_action",
                                    "code": 200,
                                    "headers": {}
                                }
                            }
                        }
                    ]
                }
            }
        }
    },
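
Added example, not part of the thread and not Tyk code: a small Python check that reads an API definition and reports ignored-path entries declared where the replies above say they will not take effect, plus the routes that end up reachable without auth. The function name and both sample definitions are constructed for illustration; the rule that paths.ignored is not applied when use_extended_paths is true is taken from the replies in this thread.

```python
import json

def audit_ignored_paths(api_def):
    """Return (findings, open_routes) for one Tyk API definition (a dict).

    findings    -- problems with how ignored paths are declared
    open_routes -- sorted (version, method, path) tuples that skip auth
    """
    findings, open_routes = [], []
    versions = (api_def.get("version_data") or {}).get("versions") or {}
    for name, ver in versions.items():
        extended = bool(ver.get("use_extended_paths"))
        legacy = (ver.get("paths") or {}).get("ignored") or []
        ext = (ver.get("extended_paths") or {}).get("ignored") or []
        for entry in legacy:
            # In the thread, an object placed here came back from the gateway as "".
            if not isinstance(entry, str) or not entry:
                findings.append(
                    f"{name}: paths.ignored entry {entry!r} must be a non-empty string")
        if extended and legacy:
            # Per the replies: with extended paths on, the legacy list is not used.
            findings.append(
                f"{name}: use_extended_paths is true; move ignored paths "
                "to extended_paths.ignored")
        if extended:
            for entry in ext:
                for method in sorted(entry.get("method_actions") or {}):
                    open_routes.append((name, method, entry.get("path", "")))
        else:
            # Legacy list carries no method, so every method is reported as open.
            open_routes += [(name, "*", p) for p in legacy
                            if isinstance(p, str) and p]
    return findings, sorted(open_routes)

# Constructed samples, trimmed from the first and last definitions in the thread.
BROKEN = json.loads("""{"version_data": {"not_versioned": true, "versions": {
  "Default": {"name": "Default", "use_extended_paths": true,
              "paths": {"ignored": [{"path": "health"}]}}}}}""")
FIXED = json.loads("""{"version_data": {"not_versioned": true, "versions": {
  "Default": {"name": "Default", "use_extended_paths": true,
              "extended_paths": {"ignored": [{"path": "/health",
                "ignore_case": true, "method_actions": {"GET": {
                  "action": "no_action", "code": 200, "headers": {}}}}]}}}}}""")

if __name__ == "__main__":
    for label, api in (("broken", BROKEN), ("fixed", FIXED)):
        findings, routes = audit_ignored_paths(api)
        print(label, "findings:", findings, "open routes:", routes)
```

Running the same check over every definition before a reload also gives a reviewable list of which method and path pairs are exempt from auth.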