We’re running into an issue where, when we cycle tyk gateway and dashboard and related services, our automation can NO LONGER authenticate to the Dashboard API using the
authorization header. Doesn’t matter which Dashboard user access credential we use, including the dashboard admin account. They all get a HTTP 401.
curl requests to the Dashboard API and get 401 auth failures as well.
Everything works well until we cycle the services (redis, mongo, tyk-gateway, tyk-dashboard) then all access to the Dashboard API fails. I’ve combed thorough the logs for redis, mongo, tyk-gateway, and tyk-dashboard and all the services and I don’t see anything pointing to an issue - except when trying to authenticate to the Dashboard API using the
authentication header - otherwise the logs seem to indicate everything is running fine and as expected.
The tyk dashboard log seems to indicate that redis does not have the information needed to authenticate the Portal Users’ API key. These are the only two log entries generated from all services when I attempt the Dashboard API call:
tyk-dashboard_1 | time="Aug 23 22:32:40" level=error msg="Session key not found" error="redigo: nil returned"
tyk-dashboard_1 | time="Aug 23 22:32:40" level=error msg="Could not get session" error="redigo: nil returned"
The authorization header hidden below is straight out of the main dashboard admin account - from what I can tell, it doesn’t matter which Dashboard API endpoint i call - they all return a 401.
curl http://tyk-dashboard:3000/api/users/5b7f28ddf7770ca51b453782 -H "authorization: *********************************************"
Cache-Control: no-store, no-cache, private
Content-Security-Policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
Content-Type: text/plain; charset=utf-8
Strict-Transport-Security: max-age=63072000; includeSubDomains
Date: Fri, 24 Aug 2018 12:52:47 GMT
"Message": "Not authorised",
We’re using the following docker images:
Any help would be greatly appreciated.