I am using Kong (open source) 3.4.0 running as docker container with DB
I have a backend (Nodejs) which has one entry point as “/”
I have created a service with a route that has a path as “/v1” with strip path and preserve host. This route uses a auth plugin which requires apikey in the header.
so anything that gets called from the client (“/v1/user”) need to authenticated and then the backend matches with “/user” route
I have another route on the backend with “/help” and I want this route to not be authenticated. So when a client calls (“/v1/help”) this route would not require the apikey in the header.
With just 1 service it seems not possible to do it. Since the strip path removes the complete path from URI and backend url does not get the URI, it’s unable to give correct response.
Probably a workaround, create two backend service (one with your /help) and associate individual routes to each one.
Thanks a lot for the response. I tested the above method and it works as intended. So if I have to add any new routes that does not need to through an api key, should I use the newly created service ?
Also isn’t there a better way to do it? Or can the enterprise request-transformer-advance plugin can do it ?
@malfoy - I know this is not the best way. Also, you cannot use this to add additional unauthenticated endpoints to same service, since your service now has URI appended to it. This wont scale well, if you have more endpoints.
You can possibly check for Request Transformer Plugin to replace the URI on the unauthenticated path. I haven’t explored much on it.
The right way is to remove only the prefix from the incoming URI and strip only (/v1) instead of whole URI before sending it to backend. I heard its on the works by Kong to support this.
this is not the best way. Also, you cannot use this to add additional unauthenticated endpoints to same service, since your service now has URI appended to it. This wont scale well, if you have more endpoints.