Reroute unauthorized requests.

[grounzero]

Not sure if this is already possible but if a route is unauthorised to be able to divert to a different destination endpoint.

Why is this important to you?

Having a finer level of control would prevent unauthorised requests being blocked which is not always desirable.

[Tratcher]

That's not currently a supported mechanic. How would you want to identify the alternate route?

Note this wouldn't be a YARP specific feature ask since we use standard ASP.NET Core auth and routing logic. At most it would be a new config option.

[grounzero]

The alternative route could be another cluster. I've found YARP very useful for retrofitting authentication to Api's I cannot change and stitching them to behave as a single entity. I try to never return anything but than a 200 so for example if a token is not present in the header it would be nice if I could redirect to a login page or a something similar.

[Tratcher]

it would be nice if I could redirect to a login page or a something similar.

That's the standard behavior for the current providers like OIDC if you use actual client side redirects (301). Returning 200s with a login page from the original resource URI can really confuse clients.