Hi Guys,
Some questions -
We currently have our own identity provider which it seems Tyk cannot integrate directly with e.g. for JWT validation.
We would like to take advantage of user level quotas and see traffic per user - would it be possible to have a plugin to validate the JWT and inject an api key that maps to the user?
Specifically what is the order of execution custom plugin -> rate limiting -> usage counting or some other order?
Hi
Maybe I misunderstood you but Tyk does integrates with JWT as api keys.
On Tyk’s side -
- You need to define configure the claim you are expecting to contain the policy Id (for instance “pol”) and the user (for instance “sub”).
- Then create a policy and add the API to its ACL.
- Copy that policy Id
On the JWT creator, the IdP, you need to create a rule to inject the policy id to the JWT in the claim you have configured in Tyk.
Could you please check this doc for diagram and further explanations.
Hi Yaara,
Thanks for the response.
I have already read the documentation, what we have implemented for JSON Web Tokens does not fit with Tyk’s JSON Web Token support hence my question
Reading → Mapping our API tokens to Tyk's tokens (SOLVED) - #2 by leon - can a pre middleware do what I want?
You could write a custom auth plugin that would create a session object in tyk (as explained in your link) and set the policy per the values in the jwt. You can use $tyk_context_jwt_claim_CLAIM-NAME to access the values in rthe jwt