Hi,
I’m using Tyk CE 2.3.5. The APIs are configured to use JWT authentication with Tyk policy ID embedded as a claim. A grpc plugin is configured as a “pre” hook as shown below. MyPrehook does some request transformation before sending the modified request to downstream service.
If JWT is valid, the request went through fine. The issue is if I give a JWT token that’s already expired, the plugin still forwards the request to downstream service and Tyk still reports an error with the invalid JWT token. I want to make it so that the hook will not forward the request if for any reason the JWT authentication failed (Tyk is doing the JWT authentication)
Is this something that should be handled in my custom hook or should I simply specify “post” instead of “pre” in the manifest.json?
manifest.json:
{
“file_list”: [],
“custom_middleware”: {
“pre”: [{
“name”: “MyPrehook”
}],
“driver”: “grpc”
},
“checksum”: “”,
“signature”: “”
}