Change Authorization Type

Hi people,

Im trying to simulate a situation like this: The API use Basic Authentication but i need to set a Bearer token to send to destiny service.
Service1 (using Basic Auth) ->Tyk Gateway (get the real token from Vault, erase/update ‘Authentication’ header to “Bearer REALTOKEN”) -> DestinyService.

I’m trying to do it this way:

...(some code)
request.DeleteHeaders.push('Authorization');
request.SetHeaders['Authorization'] = body.data.data.token;
return basicAuthMiddleware.ReturnData(request, session.meta_data);

where "body.data.data.token’ it’s a string. I can add this value on a header that i created but i need to add to Authorizations header and i’m getting this error:

time="Feb 11 15:22:59" level=info msg="Attempted access with malformed header, header not in basic auth format." api_id=30 api_name="Simula Rota Cadastro" key="****ken1" mw=BasicAuthKeyIsValid org_id=default origin=172.22.0.1 path="/cadastro/get"
time="Feb 11 15:22:59" level=warning msg="Attempted access with malformed header, no auth header found." api_id=30 api_name="Simula Rota Cadastro" mw=BasicAuthKeyIsValid org_id=default origin=172.22.0.1 path="/cadastro/get"

How can i fix this? Is it possible to change Authorization Type from an api ou any other workaround?

Thanks in advance!

Hello @Marcos-Oleiro,

I believe that you can solve this with Virtual Endpoints or Looping…

https://tyk.io/docs/advanced-configuration/compose-apis/virtual-endpoints/
https://tyk.io/docs/advanced-configuration/transform-traffic/looping/

1 Like

Are you using “pre” plugin? I’m asking since it looks like you hit the basic auth MW in Tyk
This is the line of code that generates the error
Can you please send me the API definition and the plugin code?
You need to use post-auth plugin
(also I think you can just overwrite it, no need to delete)

1 Like

Hello @Yaara,

Yes, i was using ‘pre’ plugin when i did this post but i already figured that i need to use ‘post’ plugin, i just forgot to post here, sorry for that.

Just know that there are 2 hooks - post auth and post.