Basic Auth and Removing Response Headers

tyk_jason · May 3, 2017, 6:35pm

Hi,

I have setup an API in the gateway to use Basic Auth. Upon an unsuccessful attempt to authenticate, the response sent back to the client is HTTP 401 with a www-authenticate header as expected. However, this causes a web browser to pop up a login dialog, which ruins the user experience.

Is there a way to prevent the gateway from returning the www-authenticate header, or return a HTTP 201 response? I would prefer to just prevent the header from being returned.

Thanks for your help.

tyk_jason · May 3, 2017, 7:27pm

I have nginx running in front of Tyk so I can remove the header, anyway, but am still curious how this might be done in the gateway.

Martin · May 3, 2017, 11:16pm

I’m afraid it isn’t possible - the Basic Auth implementation is to spec :-/

tyk_jason · May 4, 2017, 3:46pm

Okay, thanks anyway for the response.