Imported Google Group message.
Date:Thursday, 13 August 2015 06:26:50 UTC+1.
When you create the token you can add some meta data to the session object in a meta_data field, this is just a key/value map. You could embed the user ID data there. Then your App could look it up with a subsequent API call (not great because there are two round trips for identity data)
Alternatively, when you generate the token, you could store the token with your own user data during sign in so that when a request passes through Tyk, which will use an authorisation header with the Tyk token to manage the traffic, when it hits your service you can identify the user from the Tyk token by looking it up as if you were checking a user ID - might require some changes to your code though, so not great
Finally, you could use your own user-ID as the Tyk token by adding the token instead of having Tyk create it (different API endpoint), then the credentials are aligned and you don’t need to do any header substitution. This is amazingly simple, but means tokens are not dynamic, you’d need to be careful around expiry too.
The JS header substitution method with embedded user ID meta_data might be the most elegant way to go. But using a custom token ID that aligned with your micro service session data would be the simplest thing to do.
Let me know if you’d like some help with any of these
From: Fabien Herfray [email protected]
Sent: Thursday, August 13, 2015 03:09
Subject: How to retrieve the user from the session ?
To: Tyk Community Support [email protected]
You received this message because you are subscribed to the Google Groups “Tyk Community Support” group.
To unsubscribe from this group and stop receiving emails from it, send an email to [email protected].
To view this discussion on the web, visit https://groups.google.com/d/msgid/tyk-community-support/acb494d6-ad05-4f70-a2c5-f72f90ed896d%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.