Hi, the post-auth middleware gets executed immediately after the authentication, the post middleware is executed after additional middleware like key expiry check, access rights, check, etc. Both get executed before sending the request to upstream.
To create a post-auth middleware use
post_key_auth (instead of
post) when creating your plugin bundle or defining your custom middleware block, see this plugin bundle manifest contents:
Are you planning to create a JS middleware?