Unclear documentation for gRPC plugin setup


Hi @matt, use_keyless should be set to false, otherwise the authentication step is completely skipped.



Going to try that now, but is there any reason why that “post” hook isn’t called?


The “Post” hook is executed after the authentication mechanism, so it won’t be triggered if the authentication is disabled, check this doc:

Post: gets executed after the authentication, validation, throttling, and quota-limiting middleware has been executed, just before the request is proxied upstream. Use this to post-process a request before sending it to your upstream API.
PostKeyAuth: gets executed right after the authentication process.


So I set use_keyless to false. It now invokes my custom middleware. However, it also now always says “key not authorized”. I am not doing anything in the custom middleware (yet) other than setting a header. So I’m not preventing the request in my authorization. Why is ther a key not authorized response then? Its supposed to be using my Auth. I have not setup a key for the API as I’m using custom.


The middleware chain expects you to set a session object during the authentication process, it your function doesn’t return a valid session it’s considered a failed authentication by default.
To authenticate a key using your own mechanism you have to construct and return a session object (coprocess_session_state), see this Java sample.

You need to create a coprocess.SessionState object and return it as part of the coprocess.Object, the field is called session.


That is also something that could be made a little clearer in the docs, but that helps a bunch. Thank you.


tyk is returning "Key not authorised" even if middleware returning valid coprocess session object. Is there any set up(or settings) need to be done in order to get success execution of api with custom authentication mechanism?