You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe what are you trying to do
I have an API from external provider which has single credentials and IP lock. So I'm creating an API GW using krakend. I want to krakend login into external api and give me the data. BUT I don't want it publicly accessible. I have a keycloak which I want to use for "frontend side" of my API GW and krakend has turned on JWT validation.
The problem I'm facing now is that I don't have to use any token to access the API. In logs is:
[KRAKEND] 2022/03/17 - 23:20:55.348 ▶ INFO Starting the KrakenD instance
[KRAKEND] 2022/03/17 - 23:20:55.348 ▶ INFO [ENDPOINT: /usermap/:obj/:req][JWTValidator] Validator disabled for this endpoint
[KRAKEND] 2022/03/17 - 23:20:55.348 ▶ INFO [ENDPOINT: /usermap/:obj][JWTValidator] Validator disabled for this endpoint
... even when I have github.com/devopsfaith/krakend-jose/validator in krakend extra config.
Your configuration file
The content of your krakend.json. When using the flexible configuration option, the computed file can be generated using FC_OUT=out.json
secrets.json has inside the github.com/devopsfaith/krakend-oauth2-clientcredentials with client_credentials grant type and secrets + github.com/devopsfaith/krakend-martian for headers like Accept
[KRAKEND] 2022/03/17 - 23:20:55.348 ▶ INFO Starting the KrakenD instance
[KRAKEND] 2022/03/17 - 23:20:55.348 ▶ INFO [ENDPOINT: /usermap/:obj/:req][JWTValidator] Validator disabled for this endpoint
[KRAKEND] 2022/03/17 - 23:20:55.348 ▶ INFO [ENDPOINT: /usermap/:obj][JWTValidator] Validator disabled for this endpoint
... even without token:
# curl -i http://localhost:8080/usermap/smth
HTTP/1.1 200 OK
Thx for help
The text was updated successfully, but these errors were encountered:
That error only appears when no configuration is provided.
The validator configuration should be at endpoint level and you have it in the backend section.
This issue was marked as resolved a long time ago and now has been automatically locked as there has not been any recent activity after it. You can still open a new issue and reference this link.
Describe what are you trying to do
I have an API from external provider which has single credentials and IP lock. So I'm creating an API GW using krakend. I want to krakend login into external api and give me the data. BUT I don't want it publicly accessible. I have a keycloak which I want to use for "frontend side" of my API GW and krakend has turned on JWT validation.
The problem I'm facing now is that I don't have to use any token to access the API. In logs is:
... even when I have
github.com/devopsfaith/krakend-jose/validator
in krakend extra config.Your configuration file
The content of your
krakend.json
. When using the flexible configuration option, the computed file can be generated usingFC_OUT=out.json
secrets.json
has inside thegithub.com/devopsfaith/krakend-oauth2-clientcredentials
withclient_credentials
grant type and secrets +github.com/devopsfaith/krakend-martian
for headers likeAccept
Commands used
How did you start the software?
Logs
... even without token:
Thx for help
The text was updated successfully, but these errors were encountered: