let say I have a bunch of endpoints on the backend(upstream) for example
/customer /student /teacher /employee etc.
These endpoints are expected to have an auth so when the user enters the url on the client like postman:
bla.com/tool/v1/[email protected] etc.
I want the upstream to only receive /[email protected] which works at the moment by setting the path as "/tool/v1" with strip path true and key-auth for authentication on the route.
Now there are some endpoints on the backend like /vehicle /test1 /test2.
These would not have any authentication so when the client makes a request it would be bla.com/tool/v1/vehicle?lpn=12345 but as upstream they should receive as /vehicle?lpn=12345
The issue is if I go to make route with strip path as true and without any auth, it is still going to ask for auth as it would match the first route. My present work around (which is terrible) is to create a new service for any routes that don't need authorization.
Is there a better way to do this?
I am using Kong 3.4 with DB have asked a similar question previously but posted once again.
Update to the present:
So I have one Service which have 2 Routes associated with it:
- Auth
- UnAuth
The Auth route has a key-auth which just has the path "/tool/v1"
The UnAuth route has no authentication and for path set on it are the paths that are set on the backend like "/tool/v1/vehicle" "/tool/v1/test1" etc.
I this a good way to do it or is there a "best practice"