@vaishno.avi , yeah the way to do it if using the native programmatic auth patterns is the anonymous user pattern(outlined in my reply to my original thread). Which will work in terms of the Basic-Auth plugin I believe probably supports the anon user, but you need to ensure the jwt-keycloak can also support the annoynmous user logic. Might require forking and re-writing w/e this jwt-keycloak plugin you are referring to does to suppor the anon-user setting. Or if you only support basic and jwt-keycloak maybe forcing it to run after basic auth and checking in its code if basic auth is already set to valid user in the context then return out of that other plugin without doing any extra logic. Just depends on how you want to implement it.