Is it possible to use both the key-auth and JWT plugins on the same route for different consumers?
Flip side: If I have different consumers that need to use different authentication methods, is it better to create two separate routes for the same service / resource?
They have an anonymous access way for authenticated vs unauthenticated access(which is not really what you want):
But nothing that enables running two authentication plugins on the same route. You would have to split it out 1 auth per route.
I too have wanted a way to run say oauth2 + jwt, or oauth2 + custom auth plugins on the same route but there are design challenges there(do you force inspecting on different headers for the two auth to decide which plugin/auth to invoke? etc.) . And how that would play into how the plugins are designed right now for backwards compatibility would be tricky.