Optional JWT Validation

[Ahmad Rulim]

Hi,

I've read the KrakenD JWT Validation. I understand that I can use that with my IDP to provide something like OIDC protected endpoint, with KrakenD automatically validate the JWT token using key provided by the JWK url, then it could pass the claims to the backend as headers.

But in my case, some endpoints are publicly available, but will return more detail if user provide authentication. So I want the gateway to kind of "optionally" validate the token on some endpoint. If the user provided the JWT token, it will validate and pass the token claims as headers to the backend, but if no JWT token provided, it will just pass the request to the backend.

How can I achieve behaviour like that? Any help would be very appreciated.

Thanks in advance.