Working with OAUTH2 Target API in Tyk

Hello,

I am trying to configure an API in Tyk, which interacts with an OAUTH2 Target API url. I can see all the options in the Tyk dashboard to facilitate Client “to” Tyk security, eg Open, OAUTH2, token etc… but I cannot see anything anywhere to configure Tyk for Tyk to “Target API” security, ie where the Target API requires a seperate Client ID / Secret or access credentials.

How would I go about implementing a configuration where the Target API requires seperate authorization (in this case OAUTH2) than the incoming client request “to” Tyk?

Does Tyk support this sort of behaviour?

Right now I’m afraid this is not possible at the moment.

The closed thing you can get is implementing “post” plugin which internally does the HTTP call, and use return_overrides to respond with response data https://tyk.io/docs/customise-tyk/plugins/rich-plugins/rich-plugins-work/#returnoverides

Hope it helps!

Another option will be issuing some long living token in advance and adding it to global headers for each request.