-
|
Not sure if this is already possible but if a route is unauthorised to be able to divert to a different destination endpoint. Why is this important to you?Having a finer level of control would prevent unauthorised requests being blocked which is not always desirable. |
Beta Was this translation helpful? Give feedback.
Replies: 3 comments
-
|
That's not currently a supported mechanic. How would you want to identify the alternate route? Note this wouldn't be a YARP specific feature ask since we use standard ASP.NET Core auth and routing logic. At most it would be a new config option. |
Beta Was this translation helpful? Give feedback.
-
|
The alternative route could be another cluster. I've found YARP very useful for retrofitting authentication to Api's I cannot change and stitching them to behave as a single entity. I try to never return anything but than a 200 so for example if a token is not present in the header it would be nice if I could redirect to a login page or a something similar. |
Beta Was this translation helpful? Give feedback.
-
That's the standard behavior for the current providers like OIDC if you use actual client side redirects (301). Returning 200s with a login page from the original resource URI can really confuse clients. |
Beta Was this translation helpful? Give feedback.
That's the standard behavior for the current providers like OIDC if you use actual client side redirects (301). Returning 200s with a login page from the original resource URI can really confuse clients.