I have a legacy REST API with a home made gatway that uses a Basic Http authentication over https. Clients are calling this API directly passing their credentials in the header (Authorization: Basic xxxxxxxx). There is no API Key.
With Tyk, I need to use Tyk Identity Broker to plug the authentication mecanism on my legacy authentication service but it has an impact on clients because they need to ask for a Token before calling the API.They need to change every call!
Is there a way to hide this mecanism to the client ? Can they do as before by just sending their basic http headers and the gateway do the magic to call the tib, get the token (or check a cache) ?
Thank you for your advices.