Authentication method by endpoint?

Imported Google Group message. Original thread at: https://groups.google.com/forum/#!topic/tyk-community-support/GDwAsXBXBwk Import Date: 2016-01-19 21:12:17 +0000.
Sender:Victor Franzonatto.
Date:Friday, 15 May 2015 15:57:04 UTC+1.

Hi,

Is there support for different authentication methods per endpoind?

Some endpoints in my API require HMAC signature, others, only the public key (basic auth without password).

Thanks,
Victor.

Imported Google Group message.
Sender:Martin Buhr.
Date:Friday, 15 May 2015 16:13:50 UTC+1.

Hi Victor,

I’m afraid not, when you define an API the auth method is global.

You could register your HMAC endpoints as a different API and then force the signature on those, when you create API keys you bundle pboth API’s into the access rules so that access is transparent - youwould need to do some jiggery-pokery with URL rewrites though to get the outward-facing API to look sane.

Thanks,
Martin

  • show quoted text -

Imported Google Group message.
Sender:Victor Franzonatto.
Date:Friday, 15 May 2015 16:13:50 UTC+1.

Hi Victor,

I’m afraid not, when you define an API the auth method is global.

You could register your HMAC endpoints as a different API and then force the signature on those, when you create API keys you bundle pboth API’s into the access rules so that access is transparent - youwould need to do some jiggery-pokery with URL rewrites though to get the outward-facing API to look sane.

Thanks,
Martin

  • show quoted text -

Imported Google Group message.
Sender:Martin Buhr.
Date:Friday, 15 May 2015 16:49:28 UTC+1.

Hi,

Thanks for the reply Martin!!

Victor.

  • show quoted text -