It definitely make sense, but not sure what is the best way to achieve this.
You can try to configure 2 Tyk APIs, one open and second with auth. Public endpoint will point to your open API, and inside you will define URL rewrite rule which when authorization header is passed it will internally route to second protected api, and if no header, it will continue working with public API.
Or using small nginx layer which route traffic to different Tyk APIs depending on the header.
Does it makes sense?