Target url is basic auth protected

HI, I am trying to create api but my target api is basic auth protected so how I can create an api definition so that tyk will pass auth parameters (id and password) to the target url which is passed to the tyk .

So suggest for the complete configuration. I tried to refer old link but quite confused.

You can use either of the global headers or transform headers to inject your basic auth token. Here is a snippet of the config you need.

"version_data": {
        "not_versioned": true,
        "default_version": "",
        "versions": {
            "Default": {
                "name": "Default",
                "expires": "",
                "paths": {
                    "ignored": [],
                    "white_list": [],
                    "black_list": []
                "use_extended_paths": true,
                "extended_paths": {
                    "transform_headers": [
                            "delete_headers": [],
                            "add_headers": {
                                "Authorization": "Basic { id : password }"
                            "path": "{url path}",
                            "method": "GET",
                            "act_on": false
                "global_headers": {
					"Authorization": "Basic { id : password }"
                "global_headers_remove": [],
                "global_response_headers": {},
                "global_response_headers_remove": [],
                "ignore_endpoint_case": false,
                "global_size_limit": 0,
                "override_target": ""

I have added the header for both in the example above, however, all you need is just one depending on your use case.

Hope this helps.

I am trying add using below got to add global headers but getting malformed error:

curl -v -H “x-tyk-authorization: 352d20ee67be67f6340b4c0605b044b7”
-H “Content-Type: application/json”
-d '{
“name”: “test”,
“slug”: “test”,
“api_id”: “test”,
“org_id”: “1”,
“use_keyless”: true,
“auth”: {
“auth_header_name”: “Authorization”
“definition”: {
“location”: “header”,
“key”: “x-api-version”
“version_data”: {
“not_versioned”: true,
“versions”: {
“Default”: {
“name”: “Default”,
“use_extended_paths”: true
“global_headers”: {
“Authorization”: “Basic { id : password }”
“global_headers_remove”: [],
“global_response_headers”: {},
“global_response_headers_remove”: [],
“ignore_endpoint_case”: false,
“global_size_limit”: 0,
“override_target”: "

"proxy": {
  "listen_path": "/CloudGateway/",
  "target_url": "https://ip-10-10-31-38.ap-southeast-1.compute.internal:8443/CloudGateway",
  "strip_listen_path": true
"active": true

}’ | python -mjson.tool

Please suggest and I believe at the tyk gatew url we need to pass basic auth parameters.

The malformed error is because the value for the auth header contains the template in the snippet I shared “Authorization”: “Basic { id : password }”. You simply need to replace the it with a base64 hash value of your { ID } : { PASSWORD }.

However, if you are not worried about exposing upstream auth data to the client, then you can simply remove the global_headers from the API definition and pass in your authentication data in the header from the client. You would need to ensure “strip_auth_data” is set to false in your API definition. This way Tyk would forward your authentication data upstream.

In simple words, you need to call your Tyk endpoint the same way you would your backend.