Tyk ignore plugin and adding headers to the request


#1

Hello,

I have set up an api in Tyk with JWT security. That has worked well. Now I want to bypass JWT security for a specific endpoint. It looks like the ignore plugin from the endpoint designer is the right way to go. However, I have noticed that it efectively bypass security for the endpoint, but the added headers I was using to authenticate tyk against my api in my server are missing, it is like if ignore is also bypassing other configurations on endpoint designer.

Is this correct? I understand that if I want to bypass security for an endpoint, I could do the same on my side, but I think it is valuable to add headers for any other things even for ignored endpoints.

Many thanks


#2

Hi Fernando,

Yes, the ignore setting should bypass all other configuration settings as well.

Kind regards,
Jess @ Tyk


#3

Thanks Jess,

I understand now it is a feature. If so I suggest to add an explanation on the docs. The only page I found for that plugin did not mention that and belonged to old docs. Also it would be good if in the ui, when you add the ignore tag to the endpoint a warning is issued.

I still think it is valuable to add an ignored endpoint but not bypassing the rest of the settings. Perhaps something to add in the backlog.