Comments (4)
andyo-tyk
commented on May 24, 2024
Hi @Blasci,
It sounds like you need to enable an Allow List to get the functionality you require.
By adding the allowed paths to the list, Tyk will automatically block all others.
Please give this a try and let me know if it works for you.
Thanks for trying Tyk!
from tyk.
Blasci
commented on May 24, 2024
Hi @andyo-tyk
Oh sorry, i forgot to say it. I have already activated the Whitelist plugin.
This is why i open this issue.
Thanks for your answer !
from tyk.
andyo-tyk
commented on May 24, 2024
Hi @Blasci,
Would you be able to share your API Definition, please, so that we can check if there's something wrong in the configuration?
Please remember to obfuscate any sensitive data before sharing!
from tyk.
Blasci
commented on May 24, 2024
Hi @andyo-tyk
Yes ! Here my API Definition :
{
"api_definition": {
"CORS": {
"allow_credentials": false,
"allowed_headers": [],
"allowed_methods": [],
"allowed_origins": [],
"debug": false,
"enable": false,
"exposed_headers": [],
"max_age": 0,
"options_passthrough": false
},
"active": true,
"allowed_ips": [],
"api_id": "01234567890123456789012345678901",
"auth": {
"auth_header_name": "Authorization",
"cookie_name": "",
"param_name": "",
"signature": {
"algorithm": "",
"allowed_clock_skew": 0,
"error_code": 0,
"error_message": "",
"header": "",
"param_name": "",
"secret": "",
"use_param": false
},
"use_certificate": false,
"use_cookie": false,
"use_param": false,
"validate_signature": false
},
"auth_configs": {
"authToken": {
"auth_header_name": "Authorization",
"cookie_name": "",
"param_name": "",
"signature": {
"algorithm": "",
"allowed_clock_skew": 0,
"error_code": 0,
"error_message": "",
"header": "",
"param_name": "",
"secret": "",
"use_param": false
},
"use_certificate": false,
"use_cookie": false,
"use_param": false,
"validate_signature": false
},
"jwt": {
"auth_header_name": "Authorization",
"cookie_name": "",
"param_name": "",
"signature": {
"algorithm": "",
"allowed_clock_skew": 0,
"error_code": 0,
"error_message": "",
"header": "",
"param_name": "",
"secret": "",
"use_param": false
},
"use_certificate": false,
"use_cookie": false,
"use_param": false,
"validate_signature": false
}
},
"auth_provider": {
"meta": {},
"name": "",
"storage_engine": ""
},
"base_identity_provided_by": "",
"basic_auth": {
"body_password_regexp": "",
"body_user_regexp": "",
"cache_ttl": 0,
"disable_caching": false,
"extract_from_body": false
},
"blacklisted_ips": [],
"cache_options": {
"cache_all_safe_requests": false,
"cache_by_headers": [],
"cache_control_ttl_header": "",
"cache_response_codes": [],
"cache_timeout": 60,
"enable_cache": false,
"enable_upstream_cache_control": false
},
"certificates": [],
"client_certificates": [],
"config_data": {},
"custom_middleware": {
"auth_check": {
"name": "",
"path": "",
"raw_body_only": false,
"require_session": false
},
"driver": "",
"id_extractor": {
"extract_from": "",
"extract_with": "",
"extractor_config": {}
},
"post": [],
"post_key_auth": [],
"pre": [],
"response": []
},
"custom_middleware_bundle": "my-custom-bundle.zip",
"definition": {
"key": "x-api-version",
"location": "header",
"strip_path": false
},
"disable_quota": false,
"disable_rate_limit": false,
"do_not_track": false,
"domain": "",
"dont_set_quota_on_create": false,
"enable_batch_request_support": false,
"enable_context_vars": false,
"enable_coprocess_auth": false,
"enable_detailed_recording": false,
"enable_ip_blacklisting": false,
"enable_ip_whitelisting": false,
"enable_jwt": false,
"enable_proxy_protocol": false,
"enable_signature_checking": false,
"event_handlers": {
"events": {}
},
"expire_analytics_after": 0,
"global_rate_limit": {
"per": 0,
"rate": 0
},
"graphql": {
"enabled": false,
"engine": {
"data_sources": [],
"field_configs": []
},
"execution_mode": "",
"playground": {
"enabled": false,
"path": ""
},
"proxy": {
"auth_headers": {}
},
"schema": "",
"subgraph": {
"sdl": ""
},
"supergraph": {
"disable_query_batching": false,
"global_headers": {},
"merged_sdl": "",
"subgraphs": []
},
"type_field_configurations": [],
"version": ""
},
"hmac_allowed_algorithms": [],
"hmac_allowed_clock_skew": -1,
"id": "012345678901234567890123",
"internal": false,
"jwt_client_base_field": "",
"jwt_default_policies": [],
"jwt_expires_at_validation_skew": 0,
"jwt_identity_base_field": "",
"jwt_issued_at_validation_skew": 0,
"jwt_not_before_validation_skew": 0,
"jwt_policy_field_name": "",
"jwt_scope_claim_name": "",
"jwt_scope_to_policy_mapping": {},
"jwt_signing_method": "",
"jwt_skip_kid": false,
"jwt_source": "",
"listen_port": 0,
"name": "my-api",
"notifications": {
"oauth_on_keychange_url": "",
"shared_secret": ""
},
"oauth_meta": {
"allowed_access_types": [],
"allowed_authorize_types": [],
"auth_login_redirect": ""
},
"openid_options": {
"providers": [],
"segregate_by_client": false
},
"org_id": "012345678901234567890123",
"pinned_public_keys": {},
"protocol": "",
"proxy": {
"check_host_against_uptime_tests": false,
"disable_strip_slash": false,
"enable_load_balancing": false,
"listen_path": "/v1/my-api/",
"preserve_host_header": false,
"service_discovery": {
"cache_timeout": 0,
"data_path": "",
"endpoint_returns_list": false,
"parent_data_path": "",
"port_data_path": "",
"query_endpoint": "",
"target_path": "",
"use_discovery_service": false,
"use_nested_query": false,
"use_target_list": false
},
"strip_listen_path": true,
"target_list": [],
"target_url": "https://my-api.url",
"transport": {
"proxy_url": "",
"ssl_ciphers": [],
"ssl_force_common_name_check": false,
"ssl_insecure_skip_verify": false,
"ssl_max_version": 0,
"ssl_min_version": 0
}
},
"request_signing": {
"algorithm": "",
"certificate_id": "",
"header_list": [],
"is_enabled": false,
"key_id": "",
"secret": "",
"signature_header": ""
},
"response_processors": [],
"session_lifetime": 0,
"session_provider": {
"meta": {},
"name": "",
"storage_engine": ""
},
"slug": "my-api",
"strip_auth_data": false,
"tag_headers": [],
"tags": [],
"upstream_certificates": {},
"uptime_tests": {
"check_list": [],
"config": {
"expire_utime_after": 0,
"recheck_wait": 0,
"service_discovery": {
"cache_timeout": 60,
"data_path": "",
"endpoint_returns_list": false,
"parent_data_path": "",
"port_data_path": "",
"query_endpoint": "",
"target_path": "",
"use_discovery_service": false,
"use_nested_query": false,
"use_target_list": false
}
}
},
"use_basic_auth": false,
"use_go_plugin_auth": true,
"use_keyless": false,
"use_mutual_tls_auth": false,
"use_oauth2": false,
"use_openid": false,
"use_standard_auth": false,
"version_data": {
"default_version": "",
"not_versioned": true,
"versions": {
"Default": {
"expires": "",
"extended_paths": {
"white_list": [
{
"ignore_case": false,
"method_actions": {
"GET": {
"action": "no_action",
"code": 200,
"data": "",
"headers": {}
}
},
"path": "/endpoint/{id}"
},
{
"ignore_case": false,
"method_actions": {
"GET": {
"action": "no_action",
"code": 200,
"data": "",
"headers": {}
}
},
"path": "/endpoint/{id}/otherEndPoint"
}
]
},
"global_headers": {
"X-Forwarded-Prefix": "/v1/my-api"
},
"global_headers_remove": [],
"global_response_headers": {},
"global_response_headers_remove": [],
"global_size_limit": 0,
"ignore_endpoint_case": false,
"name": "Default",
"override_target": "",
"paths": {
"black_list": [],
"ignored": [],
"white_list": []
},
"use_extended_paths": true
}
}
}
},
"api_model": {},
"created_at": "2023-10-23T11:28:30+02:00",
"hook_references": [],
"is_site": false,
"sort_by": 0,
"user_group_owners": [],
"user_owners": []
}from tyk.
Related Issues (20)
- Feature Request: Dark/Light Mode Toggle HOT 3
- Tyk API Gateway 5.0.7 : When creating the key for Basic Auth, the key value in responce is "" HOT 1
- OAuth2 client_credentials authentication does not seem to be RFC6749 compliant HOT 3
- Rate limit does not get reset when using more than 1 gateway pods in kubernetes HOT 1
- Optimize rate limit using Lua script
- [Q]: Adding more tests and increasing the Code Coverage HOT 4
- Double response from go plugin virtual endpoint HOT 1
- [TT-5070]Wrong HTTP status code when panic happens inside Go plugin HOT 1
- [TT-11223]ERROR: Tyk PUMP not able to connect to Redis Sentinels HOT 1
- Error with middleware in one gateway while other pods are working fine HOT 1
- KV Store config not read in tyk.conf (security.certificates.upstream) HOT 4
- User not authorized when using basic authentication HOT 1
- OAS API: transformRequestMethod.toMethod expects boolean instead of string HOT 1
- Automatic retries when there are specific errors from Upstream
- How to define proxy.listen_path as exact path? HOT 4
- HTTP/2 Continuation Frame Vulnerability
- graphql playground error for federation
- Add HTTP proxy support to MDCB
- Tyk cannot validate client certificates against a certificate authority
- Profile Raw Editor cursor placement HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from tyk.