We are configure our API to support SSL Certificate and JWT token as authorization. But we found that after API gateway validate the bearer token in the Authorization header, it will remove the header and visit the native endpoint without the Authorization header. We can enable the Authorization token by using Outbound Authentication -Transport.
However, once we enable Outbound Authentication -Transport for JWT, we found the caller using SSL to call our API fails due to error about “API gateway is unable to process incoming request”. And it is back to work if we remove configuration of Outbound Authentication -Transport.
Is there any configuration that we can keep both setting together?
Thanks & Regards,