Multiple auth with first accepting authenticator to grant access

Is it so that multiple auth works right now so that ALL configured authenticators must accept their credentials to log in?
Right now we use Basic auth for / listen path and JWT token auth for /oauth listen path for the same target. Mapping to /oauth wasn’t a great idea for clients as they have to parse our returning URLs and add /oauth for all the referring URLs. I tried to configure multiple auth with Basic and JWT Token auth but it doesn’t seem to work or is there way to configure multiple auth so that FIRST authenticator THAT ACCEPTS it’s credentials/tokens is enough to grant access to target?

At the moment yes it is all must grant access. You can do what you want a couple of ways:

  1. Have an api with preauth middleware/or virtual endpoint in a keyless api that detects what auth type you have by inspecting authorization header. Then route to one of two other apis defined in tyk for each of the auth methods required.

  2. In 2.8 we will natively support internal loopbacks for this kind of auth flow logic

1 Like