Tyk Validation

Validating your APIs

This module allows you to validate JWTs returned to you from Tyk. To start, you will need to get your API added into Tyk, which you can do here: https://developer.byu.edu/add-or-update-tyk-api.

Once Tyk is processing API calls to your site, you need a way to validate the JWT it passes along with each call. To do this, download the Tyk Validation module from the Mendix Marketplace. Next, open your REST call and change the validation method to 'Custom'. It will ask you for a validation microflow, and you have two options here:

  1. You can use our prebuilt microflow ACT_API_ValidateToUser. This will find a user by the NetId of the user who called the API, and retrieve/create them in the system.
  2. You can make a custom validation microflow. Use this when you need to retrieve users by a different parameter, or have a similar validation exception. When writing this microflow, make sure you use SUB_API_ValidateToJWTClaims to validate the JWT, and add a way to process local calls.

The last step is to set up your issuers. This is where you define where your API calls should come from. In most cases, you should be able to use the 'Set to BYU Default' button, and it should handle your needs.

IMPORTANT NOTES:
Your roles matter. If the user returned is not allowed to call the API, the call is rejected as unauthorized. In addition, you can limit access further with the roles on the microflows: even if a user has rights to call the API, the call still returns unauthorized if they lack rights to the endpoint microflow.
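
The order of checks described on this page (validate the JWT, accept it only from a configured issuer, map it to a user, then apply that user's roles) is shown below as an added Python example; it is not code from the Tyk Validation module or from BYU. The HS256 shared key, the issuer URL, the `net_id` claim name, the expiry check, and the user and role tables are all assumptions made so the example runs with the standard library.

```python
import base64, hashlib, hmac, json, time

# Constructed demo values; not BYU's or Tyk's real configuration.
ALLOWED_ISSUERS = {"https://gateway.example.test"}
SHARED_KEY = b"constructed-demo-key"
ENDPOINT_ROLES = {"GET /students": {"Registrar"}}       # hypothetical mapping
LOCAL_USERS = {"jdoe1": {"Registrar"}, "asmith2": {"Student"}}

def _b64d(part):
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def _b64e(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def _sign(signing_input, key):
    return hmac.new(key, signing_input.encode(), hashlib.sha256).digest()

def make_token(claims, key=SHARED_KEY):
    """Stand-in for the gateway: issue an HS256-signed token."""
    head = _b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64e(json.dumps(claims).encode())
    return f"{head}.{body}.{_b64e(_sign(head + '.' + body, key))}"

def validate(token, endpoint, now=None):
    """Return (allowed, detail); detail is the NetId on success, a reason otherwise."""
    now = time.time() if now is None else now
    try:
        head, body, sig = token.split(".")
        header = json.loads(_b64d(head))
        # Pin the algorithm and compare signatures in constant time.
        if header["alg"] != "HS256" or not hmac.compare_digest(
                _sign(head + "." + body, SHARED_KEY), _b64d(sig)):
            return False, "bad signature"
        claims = json.loads(_b64d(body))  # parsed only after the signature holds
        iss, exp, net_id = claims.get("iss"), claims.get("exp"), claims.get("net_id")
    except (ValueError, TypeError, KeyError, AttributeError):
        return False, "malformed token"
    if not isinstance(iss, str) or iss not in ALLOWED_ISSUERS:
        return False, "untrusted issuer"
    if not isinstance(exp, (int, float)) or exp <= now:
        return False, "expired"
    # Only now is the identity claim trusted; "net_id" is a hypothetical claim name.
    roles = LOCAL_USERS.get(net_id, set()) if isinstance(net_id, str) else set()
    if not roles & ENDPOINT_ROLES.get(endpoint, set()):
        return False, "role not permitted"
    return True, net_id
```

A token that is correctly signed but names an unconfigured issuer, or a valid user without the endpoint's role, is rejected the same way as a forged one.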