JWT claim for key extraction


I’m testing your cloud option (will most probably switch to multi-cloud in the future).
Our JWT is generated by Keycloak (OpenID Connect) and the tyk key is placed in the [sub] claim.

I noticed here (Add option to ignore kid header in JWT validation · Issue #1551 · TykTechnologies/tyk · GitHub) that there’s a flag to turn on (jwt_skip_kid) in order to tell Tyk to ignore the kid header (which is used by keycloak) and rather extract the key from the sub.

My question is the following: where can I enable this option in the Tyk cloud solution?



While this option is not exposed to UI yet, you can modify it using RAW API Definition editor, e.g. directly via JSON.

Got it !

Many thanks!