Hi,
Let’s say we have 3 category of users: admin, editor and viewer. We want to setup permission based access where if he is accessing a particular API endpoint, we want to be able to identify which class he belongs to and then return appropriate data back.
Can tyk inject a custom header in the request, something like category: editor so we can parse this header in our backend and do some stuff?
Thank you
Hi, you could use metadata for this use case, check this page and also the session object page. This is a customizable field that’s part of a key.
Are you using the Tyk Dashboard to setup keys?
Best.
Hi,
We’re evaluating using Tyk gateway headless so i’m wondering how it could be done using the APIs …
Right, check the gateway API docs here, you could append additional information to the meta_data field when creating new keys.
Hi,
I’ve setup the relevant metadata (category:admin) for the particular API key which i’m accessing through the dashboard and when I print all the header information on my server endpoint, tyk is not forwarding this metadata field. Any idea how to allow this to happen?