Working with OAUTH2 Target API in Tyk

John_Crocker · March 26, 2018, 2:07pm

Hello,

I am trying to configure an API in Tyk, which interacts with an OAUTH2 Target API url. I can see all the options in the Tyk dashboard to facilitate Client “to” Tyk security, eg Open, OAUTH2, token etc… but I cannot see anything anywhere to configure Tyk for Tyk to “Target API” security, ie where the Target API requires a seperate Client ID / Secret or access credentials.

How would I go about implementing a configuration where the Target API requires seperate authorization (in this case OAUTH2) than the incoming client request “to” Tyk?

Does Tyk support this sort of behaviour?

leon · March 26, 2018, 2:52pm

Right now I’m afraid this is not possible at the moment.

The closed thing you can get is implementing “post” plugin which internally does the HTTP call, and use return_overrides to respond with response data //tyk.io/docs/plugins/supported-languages/rich-plugins/python/python/

Hope it helps!

leon · March 26, 2018, 5:08pm

Another option will be issuing some long living token in advance and adding it to global headers for each request.