openapi: 3.0.3 info: contact: email: support@tyk.io name: Tyk Technologies url: https://tyk.io/contact description: |2

## Introduction The Tyk Dashboard API offers granular, programmatic access to a centralised database of resources that your Tyk nodes can pull from. This API has a dynamic user administrative structure which means the secret key that is used to communicate with your Tyk nodes can be kept secret and access to the wider management functions can be handled on a user-by-user and organisation-by-organisation basis. A common question around using a database-backed configuration is how to programmatically add API definitions to your Tyk nodes, the Dashboard API allows much more fine-grained, secure and multi-user access to your Tyk cluster, and should be used to manage a database-backed Tyk node. The Tyk Dashboard API works seamlessly with the Tyk Dashboard (and the two come bundled together). ## Security Hierarchy The Dashboard API provides a more structured security layer to managing Tyk nodes. ### Organisations, APIs and Users With the Dashboard API and a database-backed Tyk setup, (and to an extent with file-based API setups - if diligence is used in naming and creating definitions), the following security model is applied to the management of Upstream APIs: * **Organisations**: All APIs are *owned* by an organisation, this is designated by the 'OrgID' parameter in the API Definition. * **Users**: All users created in the Dashboard belong to an organisation (unless an exception is made for super-administrative access). * **APIs**: All APIs belong to an Organisation and only Users that belong to that organisation can see the analytics for those APIs and manage their configurations. * **API Keys**: API Keys are designated by organisation, this means an API key that has full access rights will not be allowed to access the APIs of another organisation on the same system, but can have full access to all APIs within the organisation. * **Access Rights**: Access rights are stored with the key, this enables a key to give access to multiple APIs, this is defined by the session object in the core Tyk API. In order to use the Dashboard API, you'll need to get the 'Tyk Dashboard API Access Credentials' secret from your user profile on the Dashboard UI. The secret you set should then be sent along as a header with each Dashboard API Request in order for it to be successful: authorization: license: name: Mozilla Public License Version 2.0 url: https://github.com/TykTechnologies/tyk/blob/master/LICENSE.md title: Tyk Dashboard API version: 5.11.0 servers: - url: https://{tenant} variables: tenant: default: localhost:3000 description: Your dashboard host security: - bearerAuth: [] tags: - description: Use the endpoints under this tag to manage your certificates. You can add, delete and list certificates using these endpoints. name: Certificates - description: The Tyk Dashboard provides a full set of analytics functions and graphs that you can use to segment and view your API traffic and activity. externalDocs: description: Traffic Analytics. url: https://tyk.io/docs/tyk-dashboard-analytics/ name: Analytics - description: Use the endpoints in this tag to manage OAuth flow. externalDocs: description: OAuth Documentation url: https://tyk.io/docs/basic-config-and-security/security/authentication-authorization/oauth-2-0/ name: Oauth - description: | An API template is an asset managed by Tyk Dashboard that is used as the starting point - a blueprint - from which you can create a new Tyk OAS API definition.
Templates are used only during the creation of an API, they cannot be applied later. [Read more about API template assets here](https://tyk.io/docs/product-stack/tyk-dashboard/advanced-configurations/templates/template-overview/) externalDocs: description: API Templates full documentation. url: https://tyk.io/docs/product-stack/tyk-dashboard/advanced-configurations/templates/template-overview/ name: Assets - description: | The Tyk Dashboard permission system can be extended by writing custom rules using an Open Policy Agent (OPA). The rules engine works on top of your Dashboard API, which means you can control not only access rules, but also behaviour of all Dashboard APIs (except your public developer portal)
By default the Dashboard OPA engine is turned off, and you need to explicitly enable it via your Dashboard tyk_analytics.conf file.
You can use OPA rule to accomplish tasks like:
1. Prevent users from creating keyless APIs. 2. Assign specific categories to APIs created to certain user groups or users. 3. Control access for individual fields. For example, do not allow changing the API “active” status (e.g. deploy), unless you have a specific permission set. 4. And many more
[Read more about Tyk Open Policy Agent here](https://tyk.io/docs/tyk-dashboard/open-policy-agent/) externalDocs: description: Tyk Open Policy Agent Full Documentation. url: https://tyk.io/docs/tyk-dashboard/open-policy-agent/ name: Open Policy Agent - description: | These APIs helps you get,add and delete (CRUD) a list of additional (custom) permissions for your Dashboard users. You can use the created additional permissions with Open Policy Agent (OPA).
Once created, a custom permission will be added to standard list of user permissions.
You can also configure these custom permissions in the security.additional_permissions map in the Tyk Dashboard configuration file. You can check the [full documentation here](https://tyk.io/docs/tyk-dashboard-api/org/permissions/). externalDocs: description: Additional Permissions full documentation. url: https://tyk.io/docs/tyk-dashboard-api/org/permissions/ name: Additional Permissions - description: Get schemas. name: Schemas - description: | Webhooks are a great way to let external applications know about the status of a user, an API or an event that has occurred in the Tyk gateway
You can create webhooks that you can then re-use in your API definitions and assign to different Tyk Events such as quota violations or rate-limiting violations.
Each webhook require a target_path (which is an absolute URL that should be targeted by the webhook e.g https://httpbin.org/expired-keys) and a method which can be any of GET, PUT, POST, PATCH or DELETE.
Request types that do not support an encoded body will not have the event metadata encoded as part of the request. We would advise using POST where possible. name: Webhooks - description: Policies are a template that enable you to create access rules, usage quota and rate limits that can be applied to multiple keys. They are a useful way to manage large groups of users, and to enforce quota changes on a global scale across any number of keys that are using a policy. When used in conjunction with the portal, developers that enroll for API access will be given a key that is attached to a specific policy. The policy settings are refreshed every time a key attempts access, meaning that updating a policy will have an effect across any keys that are attached to it. externalDocs: description: Security Policies Documentation. url: https://tyk.io/docs/basic-config-and-security/security/security-policies/ name: Policies - description: When you have a large number of users and teams with different access requirements, instead of setting permissions per user, you can create a user group and configure the permissions for all users in the group. Note that a user can only belong to one group. externalDocs: description: Manage Tyk Dashboard User Groups. url: https://tyk.io/docs/basic-config-and-security/security/dashboard/create-user-groups/ name: UserGroup - description: 'Users have twofold access to the dashboard: they can access both the Dashboard API and the Dashboard itself, it is possible to generate users that have read-only access to certain sections of the dashboard and the underlying API. Use the endpoints in this tag to manage users.' externalDocs: description: Manage Tyk Dashboard Users. url: https://tyk.io/docs/basic-config-and-security/security/dashboard/create-users/ name: Users - description: All keys that are used to access services via Tyk correspond to a session object that informs Tyk about the context of this particular token, like access rules and rate/quota allowance. externalDocs: description: API Key Management. url: https://tyk.io/docs/tyk-apis/tyk-dashboard-api/api-keys/ name: Keys - description: |- An API request made using Basic Authentication will have an Authorization header that contains the API key. The value of the Authorization header will be in the form:
`Basic base64Encode(username:password)`. externalDocs: description: Basic Authentication. url: https://tyk.io/docs/basic-config-and-security/security/authentication-authorization/basic-auth/ name: Basic Authentication - description: Tyk allows you to work with APIs that you’ve designed with the OpenAPI Specification version 3.0.x, making it even easier to get your API up and running. Use the endpoints in this tag to create,delete,import and update OAS APIs. externalDocs: description: Tyk OAS Documentation. url: https://tyk.io/docs/getting-started/key-concepts/high-level-concepts/ name: OAS APIs - description: Use the endpoints under this tags to update,add ,delete and fetch the classic APIs. name: APIs - description: The Dashboard SSO API allows you to implement custom authentication schemes for the Dashboard and Portal. Our Tyk Identity Broker (TIB) internally also uses this API. The Dashboard exposes the /api/sso Dashboard API which allows you to generate a temporary authentication token, valid for 60 seconds. externalDocs: description: Dashboard API Single Sign On. url: https://tyk.io/docs/tyk-apis/tyk-dashboard-api/sso/ name: Single Sign On - description: System API. name: System - description: Notifications for an organisation name: Organisation Notifications paths: /api/activity/keys/{keyHash}/{startDay}/{startMonth}/{startYear}/{EndDay}/{EndMonth}/{EndYear}: get: description: It returns analytics of the endpoints of all APIs called a key between start and end date. operationId: getAnalyticsOfApiKey parameters: - description: Day to start querying the analytics from. example: "15" in: path name: startDay required: true schema: type: string - description: Month to start querying the analytics from. example: "1" in: path name: startMonth required: true schema: type: string - description: Year to start querying the analytics from. example: "2024" in: path name: startYear required: true schema: type: string - description: End date of analytics to query. example: "20" in: path name: EndDay required: true schema: type: string - description: End month of analytics to query. example: "6" in: path name: EndMonth required: true schema: type: string - description: End year of analytics to query. example: "2025" in: path name: EndYear required: true schema: type: string - description: Hash of your API key. in: path name: keyHash required: true schema: type: string responses: "200": content: application/json: examples: aggregateAnalytics: $ref: '#/components/examples/aggregateAnalytics' schema: $ref: '#/components/schemas/AggregateAnalyticsData' description: Returns analytics of all endpoints called using the given key between the given time range. "400": content: application/json: example: Message: Key could not be decoded. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Bad Request "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: User does not have access to the API with ID. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "500": content: application/json: example: Message: Failed to fetch analytics. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Analytics of API Key. tags: - Analytics /api/activity/oauthid/{OAuthClientID}/{startDay}/{startMonth}/{startYear}/{EndDay}/{EndMonth}/{EndYear}: get: description: Returns activity of all endpoints which used the given OAuth client between the given time range. operationId: getAnalyticsOfOauthClientId parameters: - description: Day to start querying the analytics from. example: "15" in: path name: startDay required: true schema: type: string - description: Month to start querying the analytics from. example: "1" in: path name: startMonth required: true schema: type: string - description: Year to start querying the analytics from. example: "2024" in: path name: startYear required: true schema: type: string - description: End date of analytics to query. example: "20" in: path name: EndDay required: true schema: type: string - description: End month of analytics to query. example: "6" in: path name: EndMonth required: true schema: type: string - description: End year of analytics to query. example: "2025" in: path name: EndYear required: true schema: type: string - description: OAuthClientID in: path name: OAuthClientID required: true schema: type: string responses: "200": content: application/json: examples: aggregateAnalytics: $ref: '#/components/examples/aggregateAnalytics' schema: $ref: '#/components/schemas/AggregateAnalyticsData' description: Fetched analytics successfully. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: User does not have access to the API with ID. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "500": content: application/json: example: Message: Failed to fetch analytics. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Analytics of Oauth Client ID. tags: - Analytics /api/apis: get: description: Get List of APIs.By default the returned apis will be sorted by created_at field in descending order but this can be changed via sort query parameter.The apis returned are paginated operationId: getApis parameters: - allowEmptyValue: true deprecated: true description: Return smaller API list payload. example: "1" in: query name: compressed required: false schema: enum: - "1" type: string - description: API Type, internal or external. example: rest in: query name: api_type required: false schema: enum: - tcp - rest - graphql - udg - subgraph - supergraph - internal type: string - description: Comma separated list of categories you want to filter Apis by. in: query name: category required: false schema: type: string - description: Comma separated list of authentication type you want to filter apis by. example: keyless,authToken in: query name: auth_type required: false schema: type: string - allowEmptyValue: true description: For versioned APIs, return only the base versions.If any value is sent in this query parameter only the base version will be returned example: "1" in: query name: base_apis required: false schema: type: string - description: Query string for search/filtering.This will return all apis whose names matches the given pattern example: Rate Limit Path API 1 in: query name: q required: false schema: type: string - description: Use p query parameter to say which page you want returned. Send number less than 0 to return all items. example: 1 in: query name: p required: false schema: type: integer - description: |- * 'name' - Sort by name in ascending order. * '-name' - Sort by name in descending order. * 'updated_at' - Sort by updated_at in ascending order. * '-updated_at' - Sort by updated_at in descending order. * 'created_at' - Sort by created_at in ascending order. * '-created_at' - Sort by created_at in descending order. example: name in: query name: sort required: false schema: enum: - name - -name - created_at - -created_at - updated_at - -updated_at type: string responses: "200": content: application/json: examples: paginatedApiExample: $ref: '#/components/examples/paginatedApiExample' schema: $ref: '#/components/schemas/ApiDefinitionsResponse' description: List of API definitions. "400": content: application/json: example: Message: Could not retrieve APIs. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Bad Request "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/apis' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "500": content: application/json: example: Message: Failed to marshal data for APIs. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Get List of APIs tags: - APIs post: description: |- Create an API Definition in Tyk Classic API format. Note that the response includes the newly created Tyk Classic API Definition containing the unique identifier for the APIs (`api_id`). You can provide a value for the `api_id` in the request body, otherwise Tyk will automatically generate a value for you. The `ID` field within the Tyk Classic API Definition is a proprietary field used by Tyk to identify the API within the database and cannot be chosen or modified by the user. operationId: postApis parameters: - description: The base API which the new version will be linked to. example: 663a4ed9b6be920001b191ae in: query name: base_api_id required: false schema: type: string - description: The version name of the base API while creating the first version. This doesn't have to be sent for the next versions but if it is set, it will override base API version name. example: Default in: query name: base_api_version_name required: false schema: type: string - description: The version name of the created version. example: v2 in: query name: new_version_name required: false schema: type: string - description: If true, the new version is set as default version. example: true in: query name: set_default required: false schema: type: boolean requestBody: content: application/json: example: api_definition: api_id: b84fe1a04e5648927971c0557971565c auth: auth_header_name: authorization definition: key: version location: header name: Tyk Test API org_id: 664a14650619d40001f1f00f proxy: listen_path: /tyk-api-test-one/ strip_listen_path: true target_url: https://httpbin.org use_oauth2: true version_data: not_versioned: true versions: Default: name: Default schema: $ref: '#/components/schemas/ApiDefinitionWrapper' responses: "200": content: application/json: example: ID: 284acad18f44f3d4e9a0832ccf5fd1 Message: API created Meta: 663cd8615715ec1405aafbea Status: OK schema: $ref: '#/components/schemas/ApiResponse' description: API created "400": content: application/json: example: Message: version name header should be set with base API ID Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Bad Request "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/apis' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "409": content: application/json: example: Message: Found API with the same ID Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: if API with given API ID already exist summary: Create API Definition tags: - APIs /api/cache/jwks/{apiId}: delete: description: Invalidate JWKS cache for the given API. operationId: invalidateJWKSCache parameters: - description: The API ID. example: ae67bb862a3241a49117508e0f9ee839 in: path name: apiId required: true schema: type: string responses: "200": content: application/json: example: message: success status: OK schema: $ref: '#/components/schemas/ApiStatusMessage' description: Cache invalidated. "403": content: application/json: example: message: Update not allowed, API not owned by user status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden summary: Invalidate cache for given API ID. tags: - APIs /api/apis/{apiID}/access: get: description: This will return APIAccessManagementPayload that has two lists containing users and user groups that have access to an API. operationId: getApiAccessRights parameters: - description: The API ID example: b84fe1a04e5648927971c0557971565c in: path name: apiID required: true schema: type: string responses: "200": content: application/json: example: userGroupIds: - 663a4ed6b6be920001b191aa - 663a4ed6b6be920001b191ab userIds: - 663b2a835715ecb6edef24e3 - 663a5bbf5715ec8040251f2a schema: $ref: '#/components/schemas/AccessManagementPayload' description: APIAccessManagementPayload represents two lists containing users and user groups that have access to an API "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/apis/{apiID}/access' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "404": content: application/json: example: Message: API not found Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: API with this ID does not exist "500": content: application/json: example: Message: failed to marshal ownership payload Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Get API access rights (users and userGroups) tags: - APIs put: description: This will update the user group and users that have access to an API.The userIds and userGroup sent will entirely replace the existing userIds IDs and userGroup ids. operationId: updateApiAccessRights parameters: - description: The API ID example: b84fe1a04e5648927971c0557971565c in: path name: apiID required: true schema: type: string requestBody: content: application/json: example: userGroupIds: - 663a4ed6b6be920001b191aa - 663a4ed6b6be920001b191ab userIds: - 663a5bbf5715ec8040251f2a schema: $ref: '#/components/schemas/AccessManagementPayload' responses: "200": content: application/json: example: Message: API access updated Meta: null Status: OK schema: $ref: '#/components/schemas/ApiResponse' description: API access updated "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/apis/{apiID}/access' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "404": content: application/json: example: Message: API not found Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: API with ID not found "500": content: application/json: example: Message: failed to unmarshal categories payload Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Update API access rights (users and userGroups) tags: - APIs /api/apis/{apiID}/keys: get: description: Lists keys that grant access to the API with the ID {apiID}. operationId: listApiKeys parameters: - description: Use p query parameter to say which page you want returned. Send number less than 0 to return all items. example: 1 in: query name: p required: false schema: type: integer - description: ID of the API. example: 663a4ed9b6be920001b191ae in: path name: apiID required: true schema: type: string responses: "200": content: application/json: example: data: keys: - 5e9d9544a1dcd60001d0ed20a28c495beff140a4a6d8c272a1956b99 - 5e9d9544a1dcd60001d0ed20e7f75f9e03534825b7aef9df749582e5 - 5e9d9544a1dcd60001d0ed2060ff87c0deab4a508dd2ac18ccb8b664 pages: 1 schema: $ref: '#/components/schemas/Keys' description: Paginated key IDs. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/apis/{apiID}/keys' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "404": content: application/json: example: Message: Could not retrieve keys. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Returned when keys are hashed and hashed key listing is disabled. "500": content: application/json: example: Message: Failed to unmarshal keys data from Tyk API. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: List keys by API. tags: - Keys /api/apis/{apiID}/keys/{keyID}: delete: description: Deleting a key will remove it permanently from the system, however analytics relating to that key will still be available. operationId: deleteApiKeyDetail parameters: - description: If you are not sure if a key is hashed you can send this as true. example: true in: query name: auto_guess required: false schema: default: false type: boolean - description: Use the hash of the key as input instead of the full key. Any none empty string will be interpreted as to say you want to use hash input. example: "1" in: query name: hashed required: false schema: type: string - description: Set to true if the passed key is a username. example: true in: query name: username required: false schema: type: boolean - description: ID of API the keys grant access to. Can either be the internal or external API ID. example: 546e885199c947147e7f39b7d6e8e984 in: path name: apiID required: true schema: type: string - description: The key ID example: 5e9d9544a1dcd60001d0ed20e7f75f9e03534825b7aef9df749582e5 in: path name: keyID required: true schema: type: string responses: "200": content: application/json: example: Message: Key deleted successfully. Meta: null Status: OK schema: $ref: '#/components/schemas/ApiResponse' description: Key deleted. "400": content: application/json: example: Message: Attempted access to non-owned key. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Trying to access a key your org does not own. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/apis/{apiID}/keys/{keyID}' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "404": content: application/json: example: Message: Could not retrieve key detail. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Key with ID not found. "500": content: application/json: example: Message: Could not delete key. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Delete key with API ID and key ID. tags: - Keys get: description: Fetches the key that grant access to the API with the ID {apiID} and key ID {keyID}. operationId: getApiKeyDetail parameters: - description: If you are not sure if a key is hashed you can send this as true. example: true in: query name: auto_guess required: false schema: default: false type: boolean - description: Use the hash of the key as input instead of the full key.Any none empty string will be interpreted as to say you want to use hash input. example: "1" in: query name: hashed required: false schema: type: string - description: Set to true if the passed key ID is a username. example: true in: query name: username required: false schema: type: boolean - description: ID of API the keys grant access to. Can either be the internal or external API ID. example: 546e885199c947147e7f39b7d6e8e984 in: path name: apiID required: true schema: type: string - description: The Key ID. example: 5e9d9544a1dcd60001d0ed20e7f75f9e03534825b7aef9df749582e5 in: path name: keyID required: true schema: type: string responses: "200": content: application/json: schema: $ref: '#/components/schemas/KeyData' description: Key data fetched. "400": content: application/json: example: Message: Attempted access to non-owned key. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Trying to access a key your org does not own. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/apis/{apiID}/keys/{keyID}' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "404": content: application/json: example: Message: Could not retrieve key detail. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Key with ID not found. summary: Get key details with API ID and key ID. tags: - Keys put: description: You can also manually add keys to Tyk using your own key-generation algorithm. It is recommended if using this approach to ensure that the OrgID being used in the API Definition and the key data is blank so that Tyk does not try to prepend or manage the key in any way. operationId: updateApiKeyDetail parameters: - description: If you are not sure if a key is hashed you can send this as true. example: true in: query name: auto_guess required: false schema: default: false type: boolean - description: Use the hash of the key as input instead of the full key. Any none empty string will be interpreted as to say you want to use hash input. example: "1" in: query name: hashed required: false schema: type: string - description: Set to true if the passed key ID is a username. example: true in: query name: username required: false schema: type: boolean - description: Adding the suppress_reset parameter and setting it to 1, will cause Tyk not to reset the quota limit that is in the current live quota manager. By default Tyk will reset the quota in the live quota manager (initialising it) when adding a key. Adding the `suppress_reset` flag to the URL parameters will avoid this behaviour. example: "1" in: query name: suppress_reset required: false schema: type: string - description: ID of API the keys grant access to. Can either be the internal or external API ID. example: 546e885199c947147e7f39b7d6e8e984 in: path name: apiID required: true schema: type: string - description: The Key ID. example: 5e9d9544a1dcd60001d0ed20e7f75f9e03534825b7aef9df749582e5 in: path name: keyID required: true schema: type: string requestBody: content: application/json: example: alias: portal-key allowance: 1000 apply_policies: - 62a0ec9092faf50001395817 enable_detailed_recording: true expires: 1.718439136e+09 hmac_enabled: false is_inactive: false meta_data: tyk_developer_id: 62b3fb9a1d5e4f00017226f5 org_id: 5e9d9544a1dcd60001d0ed20 per: 60 quota_max: -1 quota_remaining: 0 quota_renewal_rate: -1 quota_renews: 1.715847135e+09 rate: 1000 tags: - edge-eu - edge throttle_interval: 0 throttle_retry_limit: 0 schema: $ref: '#/components/schemas/SessionState' responses: "200": content: application/json: schema: $ref: '#/components/schemas/KeyData' description: Key updated "400": content: application/json: example: Message: User/Key object validation failed, most likely malformed input. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Malformed input. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: Request body malformed. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unmarshalling request body failed, malformed. "404": content: application/json: example: Message: Could not retrieve key detail. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Key with ID not found. "500": content: application/json: example: Message: Failed to unmarshal Key data. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: With API ID and key ID. tags: - Keys /api/apis/{apiId}: delete: description: Delete an API by ID operationId: deleteApi parameters: - description: ID of API to delete. Can either be internal or public API ID. example: b84fe1a04e5648927971c0557971565c in: path name: apiId required: true schema: type: string responses: "200": content: application/json: example: Message: API deleted Meta: null Status: OK schema: $ref: '#/components/schemas/ApiResponse' description: OK "400": content: application/json: example: Message: Could not delete the API Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Failed to delete "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/apis/{apiId}' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "404": content: application/json: example: Message: Could not retrieve API detail Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: API with given ID not found summary: Delete a single API by ID tags: - APIs get: description: Get an API by ID operationId: getApi parameters: - description: ID of API to get. Can either be internal or public API ID. example: b84fe1a04e5648927971c0557971565c in: path name: apiId required: true schema: type: string responses: "200": content: application/json: examples: singleAPIDef: $ref: '#/components/examples/singleAPIDef' schema: $ref: '#/components/schemas/ApiDefinitionWrapper' description: API definition headers: x-tyk-base-api-id: description: ID of the base API if the requested API is a version. schema: type: string style: simple "400": content: application/json: example: Message: Could not retrieve API detail Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Bad Request "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/apis/{apiId}' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "500": content: application/json: example: Message: Failed to marshal data for API detail Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Get a single API by ID tags: - APIs put: description: Update an API Definition. api_id can be updated for On-Premise installations, but it cannot be updated when the Dashboard resides in Tyk Cloud. Updates to api_id in Tyk Cloud will be ignored. operationId: putApi parameters: - description: ID of API to get. Can either be internal or public API ID. example: b84fe1a04e5648927971c0557971565c in: path name: apiId required: true schema: type: string requestBody: content: application/json: example: api_definition: api_id: b84fe1a04e5648927971c0557971565c auth: auth_header_name: authorization definition: key: version location: header name: Update API name org_id: 664a14650619d40001f1f00f proxy: listen_path: /updated-tyk-api-test/ strip_listen_path: true target_url: https://httpbin.org use_oauth2: true version_data: not_versioned: true versions: Default: name: Default schema: $ref: '#/components/schemas/ApiDefinitionWrapper' responses: "200": content: application/json: example: Message: API updated Meta: null Status: OK schema: $ref: '#/components/schemas/ApiResponse' description: API updated "400": content: application/json: example: Message: Invalid `ID` value Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: the ID sent in the body is not same as the ID in the path parameter "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/apis/{apiId}' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "404": content: application/json: example: Message: API definition does not exist Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: API with given ID not found "500": content: application/json: example: Message: Error while validating schema Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Update API Definition tags: - APIs /api/apis/{apiId}/keys/search: get: description: Lists keys that grant access to the API with the ID {apiID}. When q query parameter is passed it will only return keys that contains the string sent by q. operationId: SearchKeys parameters: - description: Filter and return all keys that contain this text in there key ID. example: itachi in: query name: q required: false schema: type: string - description: Use p query parameter to say which page you want returned. Send number less than 0 to return all items. example: 1 in: query name: p required: false schema: type: integer - description: ID of the API. example: 663a4ed9b6be920001b191ae in: path name: apiId required: true schema: type: string responses: "200": content: application/json: example: data: keys: - 5e9d9544a1dcd60001d0ed20itachi - 5e9d9544a1dcd60001d0ed20ns-itachi pages: 1 schema: $ref: '#/components/schemas/Keys' description: Paginated key IDs "400": content: application/json: example: Message: Could not search keys. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Could not search keys. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/apis/{apiId}/keys/search' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "500": content: application/json: example: Message: Failed to unmarshal user data. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Search keys by API. tags: - Keys /api/apis/{apiId}/url: get: description: This will return your API BasePath(your API listen path) ,Host(your API domain or gateway hostname ) and API URL (full url to your API upstream which is a combination of the protocol the API uses (e.g http)+ host name(e.g tyk.io) and the API listen_path ) operationId: getApiUrl parameters: - description: The API ID example: b84fe1a04e5648927971c0557971565c in: path name: apiId required: true schema: type: string responses: "200": content: application/json: example: ApiURL: http://localhost:8080/rate-limit-proxy-api/ BasePath: /rate-limit-proxy-api/ Host: localhost:8080 schema: $ref: '#/components/schemas/URLVals' description: Urls returned successfully "400": content: application/json: example: Message: Could not retrieve API detail Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: API not found "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/apis/{apiId}/url' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden summary: Get API URLs tags: - APIs /api/proxy: post: summary: Proxy API request operationId: proxyRequest description: | Forwards a request to a specified gateway endpoint. This endpoint allows you to send requests to other services through the Tyk gateway, which can be useful for testing or accessing protected resources. The proxy will forward your request to the specified URL, including any headers and body data you provide. It then returns the response from the target service, including status code, headers, and body. tags: - Proxy requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/ProxyRequest' example: method: "GET" url: "http://localhost:8181/test-oas/get" headers: test: "tyk" Content-Type: "application/json" body: name: "New Resource" description: "Description of the resource." responses: '200': description: Successful response content: application/json: schema: $ref: '#/components/schemas/ProxyResponse' example: status_code: 200 headers: Access-Control-Allow-Credentials: "true" Access-Control-Allow-Origin: "*" Content-Length: "364" Content-Type: "application/json" Date: "Thu, 19 Dec 2024 14:10:48 GMT" Server: "gunicorn/19.9.0" X-Ratelimit-Limit: "0" X-Ratelimit-Remaining: "0" X-Ratelimit-Reset: "0" body: args: {} headers: Accept-Encoding: "gzip" Content-Length: "83" Content-Type: "application/json" Host: "httpbin.org" Test: "tyk" User-Agent: "Go-http-client/1.1" X-Amzn-Trace-Id: "Root=1-67642968-11206636527acf9a25d230c3" origin: "::1, 81.18.84.15" url: "http://httpbin.org/get" '400': description: Bad request - usually due to malformed request syntax content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' example: Status: "Error" Message: "Invalid proxy request" Meta: null '403': description: Forbidden - URL not recognized or not allowed content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' example: Status: "Error" Message: "Provided URL is not a recognised gateway URL" Meta: null '500': description: Internal server error - issue with proxy or target service content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' example: Status: "Error" Message: "Failed to process proxy request" Meta: null /api/apis/categories: get: description: Get a list of all the defined API categories and the number(count) of APIs that are in each category. operationId: getAllApiCategories responses: "200": content: application/json: example: categories: - count: 3 name: tag2 - count: 1 name: tag2 - count: 1 name: tag3 schema: $ref: '#/components/schemas/AllCategoriesResponse' description: API categories "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/apis/categories' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "500": content: application/json: example: Message: Could not retrieve APIs Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Get API Categories tags: - APIs /api/apis/groups: get: description: This will return a map/hashmap with categories as keys and the key values will be a list that contains all the APIIDs that belong to that category. operationId: getAPIGroups responses: "200": content: application/json: example: '#tag2': - d1dfc6a927a046c54c0ed470f19757cc '#tag3': - d1dfc6a927a046c54c0ed470f19757cc httpbin: - d1dfc6a927a046c54c0ed470f19757cc tag1: - d1dfc6a927a046c54c0ed470f19757cc - 627efb71ebae49df7a853b9769b65fce tag2: - d1dfc6a927a046c54c0ed470f19757cc - 627efb71ebae49df7a853b9769b65fce schema: additionalProperties: items: type: string type: array type: object description: A map of groups with APIs IDs in that group. "400": content: application/json: example: Message: Could not retrieve APIs. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unable to get groups e.g because database is down "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/apis/groups' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "500": content: application/json: example: Message: Failed to unmarshal API groups data Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Get API Groups. tags: - APIs /api/apis/keys: get: description: Return a paginated list of keys. operationId: listKeys parameters: - description: Use p query parameter to say which page you want returned. Send number less than 0 to return all items. example: 1 in: query name: p required: false schema: type: integer responses: "200": content: application/json: example: data: keys: - 5e9d9544a1dcd60001d0ed20a28c495beff140a4a6d8c272a1956b99 - 5e9d9544a1dcd60001d0ed20e7f75f9e03534825b7aef9df749582e5 - 5e9d9544a1dcd60001d0ed2060ff87c0deab4a508dd2ac18ccb8b664 pages: 1 schema: $ref: '#/components/schemas/Keys' description: Paginated key IDs. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/apis/keys' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "500": content: application/json: example: Message: Failed to unmarshal keys data from Tyk API. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: List All the keys. tags: - Keys /api/apis/keys/basic/{username}: post: description: Create a Basic Auth user with the username specified in the path {username}. Note you have to send password via(the basic_auth_data.password field) in the request body. operationId: createBasicAuthUser parameters: - description: ' Username of Basic Auth user to create or update.' example: itachi in: path name: username required: true schema: type: string requestBody: content: application/json: example: alias: portal-key allowance: 1000 apply_policies: - 62a0ec9092faf50001395817 basic_auth_data: password: test123 enable_detailed_recording: true expires: 1.718439136e+09 hmac_enabled: false is_inactive: false meta_data: tyk_developer_id: 62b3fb9a1d5e4f00017226f5 org_id: 5e9d9544a1dcd60001d0ed20 per: 60 quota_max: -1 quota_remaining: 0 quota_renewal_rate: -1 quota_renews: 1.715847135e+09 rate: 1000 tags: - edge-eu - edge throttle_interval: 0 throttle_retry_limit: 0 schema: $ref: '#/components/schemas/SessionState' responses: "200": content: application/json: schema: $ref: '#/components/schemas/KeyData' description: User created successfully. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: Request body malformed Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unmarshalling request body failed, malformed. "500": content: application/json: example: Message: Failed to unmarshal Key data. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Create a Basic Auth User. tags: - Basic Authentication /api/apis/streams: post: description: |- Create a Streams API Definition in Tyk OAS API format. Note that the response includes the newly created Tyk Streams API Definition containing the unique identifier for the API (`ID`). You can provide a value for `ID` in the request body, otherwise Tyk will automatically generate a value. operationId: createStreamsApi parameters: - name: "Content-Type" in: header required: true description: "Content type for streams endpoints should be `application/vnd.tyk.streams.oas`" schema: type: string enum: ["application/vnd.tyk.streams.oas"] requestBody: content: application/vnd.tyk.streams.oas: examples: StreamsAPIExample: $ref: "#/components/examples/streamsExample" schema: allOf: - $ref: '#/components/schemas/OpenAPI3Schema' - $ref: '#/components/schemas/TykVendorExtension' - $ref: '#/components/schemas/XTykStreaming' responses: "200": content: application/json: example: ID: 4c1c0d8fc885401053ddac4e39ef676b Message: API created Meta: 665597e0b646b300011acb69 Status: OK schema: $ref: '#/components/schemas/ApiResponse' description: API created. "400": content: application/json: example: Message: Couldn't read body. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Malformed data. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: Your license does not support adding/ modifying streams API configuration. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "409": content: application/json: example: Message: Found API with the same ID. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Conflict "500": content: application/json: example: Message: Error while creating API. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Create Streams API. tags: - Streams APIs /api/apis/streams/{apiId}: delete: description: Deleting a Streams API definition will remove the file from the file store. The API definition will not be unloaded and a separate reload request will need to be made to disable the API endpoint. operationId: deleteStreamsApi parameters: - description: ID of the API you want to delete. example: 4c1c0d8fc885401053ddac4e39ef676b in: path name: apiId required: true schema: type: string - name: "Content-Type" in: header required: true description: "Content type for streams endpoints should be `application/vnd.tyk.streams.oas`" schema: type: string enum: ["application/vnd.tyk.streams.oas"] responses: "200": content: application/json: example: Message: API deleted. Meta: null Status: OK schema: $ref: '#/components/schemas/ApiResponse' description: Deleted successfully. "400": content: application/json: example: Message: Could not delete the API. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Bad Request "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/apis/streams/{apiId}' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "404": content: application/json: example: Message: Could not retrieve API detail. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: API not found. summary: Delete Streams API. tags: - Streams APIs get: description: Get a single Streams API definition. operationId: getStreamsAPIDetails parameters: - description: ID of the API you want to fetch. example: 4c1c0d8fc885401053ddac4e39ef676b in: path name: apiId required: true schema: type: string - name: "Accept" in: header required: true description: "Accept type for streams endpoints should be `application/vnd.tyk.streams.oas`" schema: type: string enum: ["application/vnd.tyk.streams.oas"] responses: "200": content: application/json: examples: streamsAPIExample: $ref: '#/components/examples/streamsExample' schema: allOf: - $ref: '#/components/schemas/OpenAPI3Schema' - $ref: '#/components/schemas/TykVendorExtension' - $ref: '#/components/schemas/XTykStreaming' description: Fetched API. "400": content: application/json: example: Message: Could not retrieve API detail. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Bad request or API not found. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/apis/streams/{apiId}' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "500": content: application/json: example: Message: Failed to marshal data for API detail. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Get Streams API details. tags: - Streams APIs patch: description: Update a Tyk Streams API. You can use this endpoint to update the OAS part of your Tyk Streams API definition. This endpoint allows you to configure the Tyk OAS extension based on the query parameters provided (similar to import). operationId: patchApiStreams parameters: - name: "Content-Type" in: header required: true description: "Content type for streams endpoints should be `application/vnd.tyk.streams.oas`" schema: type: string enum: [ "application/vnd.tyk.streams.oas" ] - description: ID of the API you want to patch. example: 4c1c0d8fc885401053ddac4e39ef676b in: path name: apiId required: true schema: type: string - $ref: '#/components/parameters/ListenPath' - $ref: '#/components/parameters/CustomDomain' - $ref: '#/components/parameters/AllowList' - $ref: '#/components/parameters/ValidateRequest' - $ref: '#/components/parameters/MockResponse' - $ref: '#/components/parameters/Authentication' requestBody: content: application/vnd.tyk.streams.oas: examples: PatchOASExample: $ref: "#/components/examples/streamsExample" schema: oneOf: - allOf: - $ref: '#/components/schemas/OpenAPI3Schema' - $ref: '#/components/schemas/TykVendorExtension' - $ref: '#/components/schemas/XTykStreaming' multipart/form-data: schema: $ref: '#/components/schemas/FormDataFile' description: The content of the file should be the OpenAPI document in JSON format. responses: "200": content: application/json: example: Message: API updated Meta: null Status: OK schema: $ref: '#/components/schemas/ApiResponse' description: Patched API. "400": content: application/json: example: Message: Invalid `ID` value Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Malformed request. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: Failed to update org object to DB. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden. "404": content: application/json: example: Message: API not found. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: API not found. summary: Patch a single Streams API by ID. tags: - Streams APIs put: description: Updating an API definition uses the same signature object as a `POST`. It will first ensure that the API ID being updated is the same as in the `PUT` object.
Updating will completely replace the file descriptor and will not change an API definition that has already been loaded. The hot-reload endpoint will need to be called to push the new definition to live. operationId: updateStreamsApi parameters: - name: "Content-Type" in: header required: true description: "Content type for streams endpoints should be `application/vnd.tyk.streams.oas`" schema: type: string enum: [ "application/vnd.tyk.streams.oas" ] - description: ID of the API you want to update. example: 4c1c0d8fc885401053ddac4e39ef676b in: path name: apiId required: true schema: type: string requestBody: content: application/vnd.tyk.streams.oas: examples: StreamsAPIExample: $ref: "#/components/examples/streamsExample" schema: allOf: - $ref: '#/components/schemas/OpenAPI3Schema' - $ref: '#/components/schemas/TykVendorExtension' - $ref: '#/components/schemas/XTykStreaming' responses: "200": content: application/json: example: Message: API updated. Meta: null Status: OK schema: $ref: '#/components/schemas/ApiResponse' description: Updated API. "400": content: application/json: example: Message: The payload should contain x-tyk-api-gateway and/or x-tyk-streaming. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Malformed API data. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: Found API with same url. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "404": content: application/json: example: Message: API definition does not exist Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: API not found. "500": content: application/json: example: Message: Error while creating API. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Update Streams API. tags: - Streams APIs /api/apis/oas: post: description: |- Create an API Definition in Tyk OAS API format. Note that the response includes the newly created Tyk OAS API Definition containing the unique identifier for the API (`ID`). You can provide a value for `ID` in the request body, otherwise Tyk will automatically generate a value. operationId: createApiOAS parameters: - description: The base API which the new version will be linked to. example: 663a4ed9b6be920001b191ae in: query name: base_api_id required: false schema: type: string - description: The version name of the base API while creating the first version. This doesn't have to be sent for the next versions but if it is set, it will override base API version name. example: Default in: query name: base_api_version_name required: false schema: type: string - description: The version name of the created version. example: v2 in: query name: new_version_name required: false schema: type: string - description: If true, the new version is set as default version. example: true in: query name: set_default required: false schema: type: boolean - $ref: '#/components/parameters/TemplateID' requestBody: content: application/json: example: components: securitySchemes: bearerAuth: description: The API Access Credentials scheme: bearer type: http info: description: This is a sample OpenAPI description. title: Sample OpenAPI description version: 1.0.0 openapi: 3.0.3 paths: /api/sample/users: get: operationId: getUsersSample responses: "200": content: application/json: schema: items: properties: name: type: string type: object type: array description: fetched users summary: Get users tags: - users security: - bearerAuth: [] servers: - url: https://localhost:8080 x-tyk-api-gateway: info: name: user state: active: true server: listenPath: strip: true value: /user-test-one/ upstream: url: https://localhost:8080 schema: allOf: - $ref: '#/components/schemas/OpenAPI3Schema' - $ref: '#/components/schemas/TykVendorExtension' application/x-yaml: examples: oasExample: $ref: '#/components/examples/oasExample' schema: allOf: - $ref: '#/components/schemas/OpenAPI3Schema' - $ref: '#/components/schemas/TykVendorExtension' responses: "200": content: application/json: example: ID: 4c1c0d8fc885401053ddac4e39ef676b Message: API created Meta: 665597e0b646b300011acb69 Status: OK schema: $ref: '#/components/schemas/ApiResponse' description: OAS created. "400": content: application/json: example: Message: Couldn't read body. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Malformed data. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: Could not retrieve detail of apiID 62a0ec9092faf50001395817 in org 82a0ec9052faf50001395817. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "409": content: application/json: example: Message: Found API with the same ID. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Conflict "500": content: application/json: example: Message: Error while validating schema. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Create OAS API. tags: - OAS APIs /api/apis/oas/{apiId}: delete: description: Deleting an API definition will remove the file from the file store. The API definition will not be unloaded and a separate reload request will need to be made to disable the API endpoint. operationId: deleteOASApi parameters: - description: ID of the API you want to delete. example: 4c1c0d8fc885401053ddac4e39ef676b in: path name: apiId required: true schema: type: string responses: "200": content: application/json: example: Message: API deleted. Meta: null Status: OK schema: $ref: '#/components/schemas/ApiResponse' description: Deleted successfully. "400": content: application/json: example: Message: Could not delete the API. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Bad Request "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/apis/oas/{apiId}' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "404": content: application/json: example: Message: Could not retrieve API detail. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: API not found. summary: Delete OAS API. tags: - OAS APIs get: description: Get a single API definition in OAS format. operationId: getOASAPIDetails parameters: - description: ID of the API you want to fetch. example: 4c1c0d8fc885401053ddac4e39ef676b in: path name: apiId required: true schema: type: string responses: "200": content: application/json: examples: oasExample: $ref: '#/components/examples/oasExample' schema: allOf: - $ref: '#/components/schemas/OpenAPI3Schema' - $ref: '#/components/schemas/TykVendorExtension' application/x-yaml: examples: oasExample: $ref: '#/components/examples/oasExample' schema: allOf: - $ref: '#/components/schemas/OpenAPI3Schema' - $ref: '#/components/schemas/TykVendorExtension' description: Fetched API. headers: x-tyk-base-api-id: description: ID of the base API if the requested API is a version. schema: type: string style: simple "400": content: application/json: example: Message: Could not retrieve API detail. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Bad request or API not found. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/apis/oas/{apiId}' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "500": content: application/json: example: Message: Failed to marshal data for API detail. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Get OAS API details. tags: - OAS APIs patch: description: Update a Tyk OAS API. You can use this endpoint to update the OAS part of your Tyk OAS API definition. This endpoint allows you to configure the Tyk OAS extension based on the query parameters provided (similar to import). operationId: patchApiOAS parameters: - description: ID of the API you want to patch. example: 4c1c0d8fc885401053ddac4e39ef676b in: path name: apiId required: true schema: type: string - $ref: '#/components/parameters/UpstreamURL' - $ref: '#/components/parameters/ListenPath' - $ref: '#/components/parameters/CustomDomain' - $ref: '#/components/parameters/AllowList' - $ref: '#/components/parameters/ValidateRequest' - $ref: '#/components/parameters/MockResponse' - $ref: '#/components/parameters/Authentication' requestBody: content: application/json: examples: PatchByUrl: summary: Patch By Url value: url: https://gist.githubusercontent.com/lghiur/385183f81d0878e5806fffab843d2ef2/raw/1da0aa8b08b496e6c8c84c4996fad6c4877218a0/Petstore%2520Tyk%2520OAS%2520API%2520Definition PatchByOASExample: $ref: '#/components/examples/PatchOASExample' schema: oneOf: - $ref: '#/components/schemas/ApiImportByUrlPayload' - allOf: - $ref: '#/components/schemas/OpenAPI3Schema' - $ref: '#/components/schemas/TykVendorExtension' application/x-yaml: examples: oasExample: $ref: '#/components/examples/PatchOASExample' schema: allOf: - $ref: '#/components/schemas/OpenAPI3Schema' - $ref: '#/components/schemas/TykVendorExtension' multipart/form-data: schema: $ref: '#/components/schemas/FormDataFile' description: The content of the file should be the OpenAPI document in JSON or YAML format. responses: "200": content: application/json: example: Message: API updated Meta: null Status: OK schema: $ref: '#/components/schemas/ApiResponse' description: Patched API. "400": content: application/json: example: Message: Invalid `ID` value Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Malformed request. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: Failed to update org object to DB. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden. "404": content: application/json: example: Message: API not found. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: API not found. summary: Patch a single OAS API by ID. tags: - OAS APIs put: description: Updating an API definition uses the same signature object as a `POST`. It will first ensure that the API ID being updated is the same as in the `PUT` object.
Updating will completely replace the file descriptor and will not change an API definition that has already been loaded. The hot-reload endpoint will need to be called to push the new definition to live. operationId: updateApiOAS parameters: - description: ID of the API you want to update. example: 4c1c0d8fc885401053ddac4e39ef676b in: path name: apiId required: true schema: type: string requestBody: content: application/json: example: components: securitySchemes: bearerAuth: description: The API Access Credentials scheme: bearer type: http info: description: This is a sample OpenAPI description. title: Sample OpenAPI description version: 1.0.0 openapi: 3.0.3 paths: /api/sample/users: get: operationId: getUsersSample responses: "200": content: application/json: schema: items: properties: name: type: string type: object type: array description: fetched users summary: Get users tags: - users security: - bearerAuth: [] servers: - url: https://localhost:8080 x-tyk-api-gateway: info: name: user state: active: true server: listenPath: strip: true value: /user-test-three/ upstream: url: https://localhost:8080 schema: allOf: - $ref: '#/components/schemas/OpenAPI3Schema' - $ref: '#/components/schemas/TykVendorExtension' application/x-yaml: examples: oasExample: $ref: '#/components/examples/oasExample' schema: allOf: - $ref: '#/components/schemas/OpenAPI3Schema' - $ref: '#/components/schemas/TykVendorExtension' responses: "200": content: application/json: example: Message: API updated. Meta: null Status: OK schema: $ref: '#/components/schemas/ApiResponse' description: Updated API. "400": content: application/json: example: Message: The payload should contain x-tyk-api-gateway. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Malformed API data. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: Found API with same url. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "404": content: application/json: example: Message: API definition does not exist Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: API not found. "500": content: application/json: example: Message: Error while validating schema. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Update OAS API. tags: - OAS APIs /api/apis/oas/{apiId}/urls: get: description: | Get the Tyk generated server URLs for a Tyk OAS API. This endpoint returns structured URL information including decomposed components (protocol, domain, listen path, version path, query parameters, and headers) for all server URLs that Tyk generates for the API. operationId: getOASServerURLs parameters: - description: ID of the API for which you want to retrieve server URLs. example: 4c1c0d8fc885401053ddac4e39ef676b in: path name: apiId required: true schema: type: string responses: "200": content: application/json: examples: nonVersionedAPI: summary: Non-versioned API description: Simple API without versioning returns a single server URL value: api_id: "4c1c0d8fc885401053ddac4e39ef676b" urls: - protocol: "http" domain: "localhost" port: 8080 listen_path: "my-api" endpoint_path: "" query_parameters: [] headers: [] url: "http://localhost:8080/my-api" versionedAPIUrlPath: summary: URL path versioning description: Base API with URL path versioning (location=url) value: api_id: "5d2e3f4a6b7c8d9e0f1a2b3c" urls: - protocol: "https" domain: "api.example.com" port: null listen_path: "users" endpoint_path: "v1" query_parameters: [] headers: [] url: "https://api.example.com/users/v1" - protocol: "https" domain: "api.example.com" port: null listen_path: "users" endpoint_path: "" query_parameters: [] headers: [] url: "https://api.example.com/users" versionedAPIQueryParam: summary: Query parameter versioning description: Base API with query parameter versioning (location=url-param) value: api_id: "6e3f4g5h7i8j9k0l1m2n3o4p" urls: - protocol: "https" domain: "gateway.tyk.io" port: null listen_path: "products" endpoint_path: "" query_parameters: - name: "version" value: "v1" headers: [] url: "https://gateway.tyk.io/products?version=v1" versionedAPIHeader: summary: Header versioning description: Base API with header-based versioning (location=header) value: api_id: "7f4g5h6i8j9k0l1m2n3o4p5q" urls: - protocol: "https" domain: "api.company.com" port: null listen_path: "orders" endpoint_path: "" query_parameters: [] headers: - name: "X-API-Version" value: "v1" url: "https://api.company.com/orders" externalChildAPI: summary: External child API (v2) description: External child API exposes both versioned path and direct path value: api_id: "8g5h6i7j9k0l1m2n3o4p5q6r" urls: - protocol: "https" domain: "api.example.com" port: null listen_path: "users" endpoint_path: "v2" query_parameters: [] headers: [] url: "https://api.example.com/users/v2" - protocol: "https" domain: "api.example.com" port: null listen_path: "users-v2" endpoint_path: "" query_parameters: [] headers: [] url: "https://api.example.com/users-v2" customDomain: summary: Custom domain configuration description: API with custom domain configured value: api_id: "9h6i7j8k0l1m2n3o4p5q6r7s" urls: - protocol: "https" domain: "custom.domain.com" port: null listen_path: "api" endpoint_path: "" query_parameters: [] headers: [] url: "https://custom.domain.com/api" schema: $ref: '#/components/schemas/OASServerURLsResponse' description: Successfully retrieved server URLs. "400": content: application/json: example: Message: API ID is required Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Bad request. API ID is missing or invalid. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized. Invalid or missing authorization credentials. "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/apis/oas/{apiId}/urls' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden. User does not have permission to access this API. "404": content: application/json: example: Message: API not found Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: API not found. The specified API ID does not exist. "500": content: application/json: example: Message: Failed to generate server URLs Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. Failed to generate or parse server URLs. summary: Get OAS API server URLs. tags: - OAS APIs /api/apis/oas/{apiId}/categories: get: description: Get a list of the API categories associated with the specified API. operationId: getApiCategories parameters: - description: ID of the API. example: 4c1c0d8fc885401053ddac4e39ef676b in: path name: apiId required: true schema: type: string responses: "200": content: application/json: example: categories: - developers - devops - research schema: $ref: '#/components/schemas/CategoriesPayload' description: Category fetched. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/apis/oas/{apiId}/categories' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "404": content: application/json: example: Message: API not found Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: API not found. "500": content: application/json: example: Message: Failed to marshal categories payload. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Get OAS API's Categories. tags: - OAS APIs put: description: Update the list of API categories associated with the specified API. operationId: updateApiCategories parameters: - description: ID of the API. example: 4c1c0d8fc885401053ddac4e39ef676b in: path name: apiId required: true schema: type: string requestBody: content: application/json: example: categories: - dev - testers - messages schema: $ref: '#/components/schemas/CategoriesPayload' responses: "200": content: application/json: example: Message: API categories updated. Meta: null Status: OK schema: $ref: '#/components/schemas/ApiResponse' description: Categories updated. "400": content: application/json: example: Message: Failed to update ApiDef object to DB. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Malformed request data. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/apis/oas/{apiId}/categories' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "404": content: application/json: example: Message: API not found Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: API not found. "500": content: application/json: example: Message: Failed to update ApiDef object to DB. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Update OAS API categories. tags: - OAS APIs /api/apis/oas/{apiId}/export: get: description: Download API definition in OAS format (only APIs saved in OAS format). When you set the mode query parameter to public the OAS spec exported will exclude the x-tyk-api-gateway part. When mode query parameter is empty or is set to any other value apart from public then the exported OAS spec will include the x-tyk-api-gateway part. operationId: downloadApiOASPublic parameters: - description: ID of the API you want to export. example: 4c1c0d8fc885401053ddac4e39ef676b in: path name: apiId required: true schema: type: string - description: Mode of OAS export, by default mode could be empty which means to export OAS spec including OAS Tyk extension. When mode=public, OAS spec excluding Tyk extension is exported. example: public in: query name: mode required: false schema: enum: - public type: string - name: Content-Type in: header required: false description: Content type of the fetched data. The endpoint returns data in JSON format if Content-Type header is empty. schema: type: string enum: [ "application/json", "application/x-yaml" ] responses: "200": content: application/octet-stream: schema: format: binary type: string description: Fetched successfully. "400": content: application/json: example: Message: Could not retrieve API detail. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: API not found. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/apis/oas/{apiId}/export' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden summary: Export OAS API. tags: - OAS APIs /api/apis/oas/{apiId}/versions: get: description: List all the versions of an OAS API. operationId: listOASApiVersions parameters: - description: ID of the API you want to fetch. example: 4c1c0d8fc885401053ddac4e39ef676b in: path name: apiId required: true schema: type: string - $ref: '#/components/parameters/SearchText' - $ref: '#/components/parameters/AccessType' responses: "200": content: application/json: example: apis: - expirationDate: 2024-11-30 12:00 id: 5b633de8673e40e44bc88b6b248f0937 internal: false isDefaultVersion: true name: user versionName: Default - expirationDate: 2024-11-30 12:00 id: 0fec4eb890cf4b8c5cb6fc011456c315 internal: false isDefaultVersion: false name: user versionName: v2 pages: 1 schema: $ref: '#/components/schemas/VersionMetas' description: Version fetched. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/apis/oas/{apiId}/versions' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "404": content: application/json: example: Message: Could not retrieve API detail. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: API not found. "422": content: application/json: example: Message: '{apiId} is not recognised' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: API not recognised. summary: List OAS API versions. tags: - OAS APIs /api/apis/oas/dry-run: post: description: |- Generate a Tyk OAS API definition without saving it to the Dashboard database. This endpoint is used to produce a Tyk OAS API definition without creating the API proxy itself. This provides a dry run functionality for Tyk OAS API creation, showing what would be created in the Dashboard given the set of inputs provided. operationId: dryRunApiOAS parameters: - $ref: '#/components/parameters/TemplateID' - description: The base API which the new version will be linked to. example: 663a4ed9b6be920001b191ae in: query name: base_api_id required: false schema: type: string - description: The version name of the base API while creating the first version. This doesn't have to be sent for the next versions but if it is set, it will override base API version name. example: Default in: query name: base_api_version_name required: false schema: type: string - description: The version name of the created version. example: v2 in: query name: new_version_name required: false schema: type: string - description: If true, the new version is set as default version. example: true in: query name: set_default required: false schema: type: boolean - $ref: '#/components/parameters/UpstreamURL' - $ref: '#/components/parameters/ListenPath' - $ref: '#/components/parameters/CustomDomain' - $ref: '#/components/parameters/AllowList' - $ref: '#/components/parameters/ValidateRequest' - $ref: '#/components/parameters/MockResponse' - $ref: '#/components/parameters/Authentication' requestBody: content: application/json: example: oas: components: securitySchemes: bearerAuth: description: The API Access Credentials scheme: bearer type: http info: description: This is a sample OpenAPI description. title: Sample OpenAPI description version: 1.0.0 openapi: 3.0.3 paths: /api/sample/users: get: operationId: getUsersOperation responses: "200": content: application/json: schema: items: properties: name: type: string type: object type: array description: fetched users summary: Get users tags: - users security: - bearerAuth: [] servers: - url: https://localhost:8080 tyk_oas: components: securitySchemes: bearerAuth: description: The API Access Credentials scheme: bearer type: http info: description: This is a sample OpenAPI description. title: Sample OpenAPI description version: 1.0.0 openapi: 3.0.3 paths: /api/sample/users: get: operationId: getUsersSample responses: "200": content: application/json: schema: items: properties: name: type: string type: object type: array description: fetched users summary: Get users tags: - users security: - bearerAuth: [] servers: - url: https://localhost:8080 x-tyk-api-gateway: info: name: user state: active: true server: listenPath: strip: true value: /user-test-four/ upstream: url: https://localhost:8080 schema: $ref: '#/components/schemas/DryRunRequest' responses: "200": content: application/json: examples: oasExample: $ref: '#/components/examples/oasExample' schema: allOf: - $ref: '#/components/schemas/TykVendorExtension' - $ref: '#/components/schemas/OpenAPI3Schema' description: Success. "400": content: application/json: example: Message: Couldn't read body. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Malformed request body. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/apis/oas/dry-run' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden summary: Dry Run OAS. tags: - OAS APIs /api/apis/oas/import: post: description: For use with an existing OpenAPI document that you want to expose via your Tyk Gateway.
Create a new Tyk OAS API from an OpenAPI document in JSON or YAML format (without x-tyk-api-gateway extension).
The payload can contain either a fully fledged OpenAPI document or a URL pointing to an OpenAPI document. operationId: importOAS parameters: - $ref: '#/components/parameters/UpstreamURL' - $ref: '#/components/parameters/ListenPath' - $ref: '#/components/parameters/CustomDomain' - $ref: '#/components/parameters/AllowList' - $ref: '#/components/parameters/ValidateRequest' - $ref: '#/components/parameters/MockResponse' - $ref: '#/components/parameters/Authentication' - $ref: '#/components/parameters/TemplateID' - description: The base API which the new version will be linked to. example: 663a4ed9b6be920001b191ae in: query name: base_api_id required: false schema: type: string - description: The version name of the base API while creating the first version. This doesn't have to be sent for the next versions but if it is set, it will override base API version name. example: Default in: query name: base_api_version_name required: false schema: type: string - description: The version name of the created version. example: v2 in: query name: new_version_name required: false schema: type: string - description: If true, the new version is set as default version. example: true in: query name: set_default required: false schema: type: boolean - name: Content-Type in: header required: false description: Content type of the imported document. If Content-Type header is empty, it's assumed that Content-Type is application/json. schema: type: string enum: [ "application/json", "application/x-yaml" ] requestBody: content: application/json: examples: ImportByUrl: summary: Import By Url value: url: https://gist.githubusercontent.com/yurisasuke/e4f11baefb68f2ace5dd2297b7ccc3e0/raw/bb476fa4d4a48874b26d9df9bf62094d1a07f040/tykOas.json ImportTykOAS: summary: Import Tyk Oas Example value: components: securitySchemes: bearerAuth: description: The API Access Credentials scheme: bearer type: http info: description: This is a sample OpenAPI description. title: Sample OpenAPI description version: 1.0.0 openapi: 3.0.3 paths: /api/sample/users: get: operationId: getUsersOperation responses: "200": content: application/json: schema: items: properties: name: type: string type: object type: array description: fetched users summary: Get users tags: - users security: - bearerAuth: [] servers: - url: https://localhost:8080 schema: oneOf: - $ref: '#/components/schemas/ApiImportByUrlPayload' - $ref: '#/components/schemas/OpenAPI3Schema' application/x-yaml: examples: oasExample: $ref: '#/components/examples/oasExampleWithoutTykExtension' schema: $ref: '#/components/schemas/OpenAPI3Schema' multipart/form-data: schema: $ref: '#/components/schemas/FormDataFile' description: The content of the file should be the OpenAPI document in JSON or YAML format (without x-tyk-api-gateway extension). responses: "200": content: application/json: example: ID: 78ade81be12349087e194c858f06f595 Message: API created Meta: 6656cda15715ec8ddb0e7e7c Status: OK schema: $ref: '#/components/schemas/ApiResponse' description: OAS imported. "400": content: application/json: example: Message: The import payload should not contain x-tyk-api-gateway. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Malformed body. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: The user does not have the rights to apply templates. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden. "409": content: application/json: example: Message: Found API with the same ID. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Conflict "500": content: application/json: example: Message: Failed to save new org object to DB. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Import OAS. tags: - OAS APIs /api/apis/oauth/{apiId}: get: description: Return all the auth 2 clients that have been registered with you tyk instance operationId: getOathClientsList parameters: - description: The API’s ID. example: e95400eba23c4a2d4622a722be06fe95 in: path name: apiId required: true schema: type: string responses: "200": content: application/json: example: apps: - client_id: 2a06b398c17f46908de3dffcb71ef87d client_name: "" dcr_registration: access_token: "" client_uri: "" provider: "" description: google client meta_data: user_id: 362b3fb9a1d5e4f00017226f5 policy_id: 665d51505715ec2d76022c87 redirect_uri: https://httpbin.org/ip secret: MmQwNTI5NGQtYjU0YS00NjMyLWIwZjktNTZjY2M1ZjhjYWY0 pages: 1 schema: $ref: '#/components/schemas/OAuthApps' description: Fetched successfully. "400": content: application/json: example: Message: API Reference not found. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Not enough permissions or API not found. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/apis/oauth/{apiId}' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "404": content: application/json: example: Message: Could not retrieve apps list. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Not Found "500": content: application/json: example: Message: Failed to unmarshal key data from Tyk API. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: List OAuth clients. tags: - Oauth post: description: Client apps are created dynamically, the only parameter required to create a new client app with Tyk is to specify the redirect URI, this is used as part of the client authentication and cannot be edited later. Please note that if you don't attach a policy to the OAuth client you will need to provide dynamic key rules to client authorization endpoint. operationId: createNewClientApp parameters: - description: The API’s ID. example: e95400eba23c4a2d4622a722be06fe95 in: path name: apiId required: true schema: type: string requestBody: content: application/json: example: meta_data: user_id: 362b3fb9a1d5e4f00017226f5 policy_id: 665d51505715ec2d76022c87 redirect_uri: https://httpbin.org/ip schema: $ref: '#/components/schemas/NewClientRequest' responses: "200": content: application/json: example: client_id: 2a06b398c17f46908de3dffcb71ef87d client_name: "" dcr_registration: access_token: "" client_uri: "" provider: "" description: google client meta_data: user_id: 362b3fb9a1d5e4f00017226f5 policy_id: 665d51505715ec2d76022c87 redirect_uri: https://httpbin.org/ip secret: MmQwNTI5NGQtYjU0YS00NjMyLWIwZjktNTZjY2M1ZjhjYWY0 schema: $ref: '#/components/schemas/OAuthClient' description: Client created. "400": content: application/json: example: Message: API reference not found. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Bad Request "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: Request body malformed. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Request body malformed. "500": content: application/json: example: Message: Could not retrieve policy details. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Create a new OAuth2.0 client. tags: - Oauth /api/apis/oauth/{apiId}/{clientId}: delete: description: You can delete an OAuth client using this endpoint. Please note that tokens issued with the client ID will still be valid until they expire. operationId: deleteOathClient parameters: - description: The API’s ID. example: e95400eba23c4a2d4622a722be06fe95 in: path name: apiId required: true schema: type: string - description: The client ID. example: 2a06b398c17f46908de3dffcb71ef87 in: path name: clientId required: true schema: type: string responses: "200": content: application/json: example: Message: OAuth client deleted successfully. Meta: null Status: OK schema: $ref: '#/components/schemas/ApiResponse' description: Deleted successfully. "400": content: application/json: example: Message: API Reference not found. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Bad Request "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: You don't have access to this. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: You have no access. "404": content: application/json: example: Message: Could not retrieve app detail. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Not found. "500": content: application/json: example: Message: Could not remove app. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Delete OAuth client. tags: - Oauth get: description: Get single OAuth client details with its client ID. operationId: getOAuthClientDetail parameters: - description: The API’s ID. example: e95400eba23c4a2d4622a722be06fe95 in: path name: apiId required: true schema: type: string - description: The client ID. example: 2a06b398c17f46908de3dffcb71ef87 in: path name: clientId required: true schema: type: string responses: "200": content: application/json: example: client_id: 2a06b398c17f46908de3dffcb71ef87d client_name: "" dcr_registration: access_token: "" client_uri: "" provider: "" description: google client meta_data: user_id: 362b3fb9a1d5e4f00017226f5 policy_id: 665d51505715ec2d76022c87 redirect_uri: https://httpbin.org/ip secret: MmQwNTI5NGQtYjU0YS00NjMyLWIwZjktNTZjY2M1ZjhjYWY0 schema: $ref: '#/components/schemas/OAuthClient' description: Details fetched successfully. "400": content: application/json: example: Message: API reference not found. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Bad Request "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: You don't have access to this. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: You have no access. "404": content: application/json: example: Message: Could not retrieve app detail. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Not Found "500": content: application/json: example: Message: Failed to unmarshal app data from Tyk API. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Get single OAuth client details. tags: - Oauth /api/apis/oauth/{apiId}/{clientId}/tokens: get: description: This endpoint allows you to retrieve a list of all current tokens and their expiry date for a provided API ID and OAuth client ID. operationId: getClientTokens parameters: - description: The API’s ID. example: e95400eba23c4a2d4622a722be06fe95 in: path name: apiId required: true schema: type: string - description: The client ID. example: 2a06b398c17f46908de3dffcb71ef87 in: path name: clientId required: true schema: type: string responses: "200": content: application/json: example: - code: 5a7d110be6355b0c071cc339327563cb45174ae387f52f87a80d2496 expires: 1.618158407e+09 - code: 5a7d110be6355b0c071cc33988884222b0cf436eba7979c6c51d6dbd expires: 1.618158594e+09 schema: $ref: '#/components/schemas/OAuthClientTokens' description: OK "400": content: application/json: example: Message: API Reference not found. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Bad Request "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/apis/oauth/{apiId}/{clientId}/tokens' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "404": content: application/json: example: Message: Could not retrieve tokens. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Not Found "500": content: application/json: example: Message: Failed to unmarshal tokens data from Tyk API. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: List OAuth client tokens. tags: - Oauth /api/apis/migrate: post: description: Migrate APIs from Tyk Classic to Tyk OAS format. The endpoint supports different migration modes including dry run, staging, promotion and direct migration. operationId: migrateAPI requestBody: content: application/json: schema: $ref: '#/components/schemas/MigrateAPIRequest' example: mode: "dryRun" apiIDs: [ "api123", "api456" ] abortOnFailure: true responses: "200": description: Migration completed content: application/json: schema: $ref: '#/components/schemas/MigrateAPIResponse' "400": description: Bad request - validation failed content: application/json: schema: $ref: '#/components/schemas/ApiResponse' "401": description: Unauthorized content: application/json: schema: $ref: '#/components/schemas/ApiResponse' summary: Migrate APIs from Tyk Classic to Tyk OAS format. tags: - MigrateOAS /api/apis/search: get: description: This will return a list of APIs whose names matches the provided q query parameter.If q is not sent all APIs will be returned.The returned results are paginated. operationId: searchApis parameters: - description: Use p query parameter to say which page you want returned. Send number less than 0 to return all items. example: 1 in: query name: p required: false schema: type: integer - description: The name of the APIs you want to search example: Rate Limit Path API 1 in: query name: q required: false schema: type: string responses: "200": content: application/json: examples: paginatedApiExample: $ref: '#/components/examples/paginatedApiExample' schema: $ref: '#/components/schemas/ApiDefinitionsResponse' description: List of API definitions "400": content: application/json: example: Message: Could not retrieve APIs Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Bad Request "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/apis/search' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "500": content: application/json: example: Message: Failed to unmarshal APIs data Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Search List of APIs tags: - APIs /api/assets: get: description: Retrieves all types of assets with optional kind filter. operationId: listAssets parameters: - description: Filter assets by kind (optional). example: oas-template in: query name: kind required: false schema: default: oas-template enum: - oas-template type: string responses: "200": content: application/json: example: - _id: "363634636164353135373135656333663739386262636433" data: info: title: Our Sample OAS version: 1.0.0 openapi: 3.0.3 paths: /anything: post: operationId: anythingpost responses: "200": description: Post created x-tyk-api-gateway: middleware: global: cache: cacheAllSafeRequests: true enabled: true timeout: 5 operations: anythingpost: requestSizeLimit: enabled: true value: 100 description: My first template id: my-unique-template-id kind: oas-template last_updated: "2024-05-21T17:18:57.294797+03:00" name: my-template org_id: 5e9d9544a1dcd60001d0ed20 schema: items: $ref: '#/components/schemas/Asset' type: array description: templates fetched. "400": content: application/json: example: Message: 'unsupported asset kind: ''oas-temp''' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: sending a type that is not supported in the kind query parameter. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/assets' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "500": content: application/json: example: Message: error listing assets. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Retrieve list of assets. tags: - Assets post: description: Create an asset that you can use as a blueprint from which you can create a new Tyk OAS API definition. operationId: addAsset requestBody: content: application/json: example: data: info: title: Our Sample OAS version: 1.0.0 openapi: 3.0.3 paths: /anything: post: operationId: anythingpost responses: "200": description: post created x-tyk-api-gateway: middleware: global: cache: cacheAllSafeRequests: true enabled: true timeout: 5 description: My first template id: my-unique-template-id kind: oas-template name: my-template schema: properties: data: $ref: '#/components/schemas/JSONRawMessage' description: type: string id: type: string kind: type: string name: type: string type: object description: Sample asset. responses: "201": content: application/json: example: ID: my-unique-template-id Message: asset created Meta: 664d86e35715ec0d370bbe11 Status: success schema: $ref: '#/components/schemas/ApiResponse' description: asset created "400": content: application/json: example: Message: error reading json body. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: malformed request body. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/assets' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "409": content: application/json: example: Message: 'Asset ID already exists: ''my-unique-template-id''.' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: trying to add an asset with an ID that already exist. "422": content: application/json: example: Message: 'unsupported asset kind: ''oas-templat''.' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: validation failed "500": content: application/json: example: Message: error adding asset. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Create an asset tags: - Assets /api/assets/{assetID}: delete: description: Remove an asset ID. operationId: deleteAsset parameters: - description: ID of the asset to delete - this value can be the database ID of the asset or the custom ID provided during creation/update. examples: customID: summary: Custom template ID. value: my-unique-template-id dbID: summary: A unique database identifier assigned by Tyk. value: 664cad515715ec3f798bbcd3 in: path name: assetID required: true schema: type: string responses: "200": content: application/json: example: Message: Asset removed successfully Meta: null Status: success schema: $ref: '#/components/schemas/ApiResponse' description: Asset deleted "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/assets/{assetID}' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "404": content: application/json: example: Message: asset not found Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Asset with ID does not exist. "500": content: application/json: example: Message: Error removing asset Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Delete an asset by ID. tags: - Assets get: description: Retrieve an asset by ID. operationId: getAsset parameters: - description: ID of the asset to retrieve - this value can be the database ID of the asset or the custom ID provided during creation/update. examples: customID: summary: Custom template ID. value: my-unique-template-id dbID: summary: A unique database identifier assigned by Tyk. value: 664cad515715ec3f798bbcd3 in: path name: assetID required: true schema: type: string responses: "200": content: application/json: example: _id: "363634636164353135373135656333663739386262636433" data: info: title: Our Sample OAS version: 1.0.0 openapi: 3.0.3 paths: /anything: post: operationId: anythingpost responses: "200": description: Post created x-tyk-api-gateway: middleware: global: cache: cacheAllSafeRequests: true enabled: true timeout: 5 operations: anythingpost: requestSizeLimit: enabled: true value: 100 description: My first template id: my-unique-template-id kind: oas-template last_updated: "2024-05-21T17:18:57.294797+03:00" name: my-template org_id: 5e9d9544a1dcd60001d0ed20 schema: $ref: '#/components/schemas/Asset' description: Asset fetched. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/assets/{assetID}' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "404": content: application/json: example: Message: Asset not found Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Asset with ID does not exist "500": content: application/json: example: Message: Error fetching asset. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Retrieve an asset. tags: - Assets put: description: Update an asset by ID.You cannot update _id (database ID assigned by tyk) operationId: updateAsset parameters: - description: ID of the asset to update - this value can be the database ID of the asset or the custom ID provided during creation/update. examples: customID: summary: Custom template ID. value: my-unique-template-id dbID: summary: A unique database identifier assigned by Tyk. value: 664cad515715ec3f798bbcd3 in: path name: assetID required: true schema: type: string requestBody: content: application/json: example: data: info: title: Our Sample OAS version: 1.0.0 openapi: 3.0.3 paths: /anything: post: operationId: anythingpost responses: "200": description: post created x-tyk-api-gateway: middleware: global: cache: cacheAllSafeRequests: true enabled: true timeout: 5 description: My first template id: my-unique-template-id kind: oas-template name: Update asset name example. schema: properties: data: $ref: '#/components/schemas/JSONRawMessage' description: type: string id: type: string kind: type: string name: type: string type: object description: update name example. responses: "200": content: application/json: example: ID: my-unique-template-id Message: asset updated Meta: 664d86e35715ec0d370bbe11 Status: success schema: $ref: '#/components/schemas/ApiResponse' description: asset updated "400": content: application/json: example: Message: error reading json body. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: malformed request body "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/assets/{assetID}' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "404": content: application/json: example: Message: Asset not found. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Asset with ID does not exist. "409": content: application/json: example: Message: 'Asset ID already exists: ''my-unique-template-id.''.' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Trying to update an asset ID with an ID that is used by another asset. "422": content: application/json: example: Message: 'unsupported asset kind: ''oas-templat''.' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: validation failed. "500": content: application/json: example: Message: error fetching asset. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Update an asset by ID. tags: - Assets /api/certs: get: description: Return list of certificates. If you send the mode query parameter with the value `detailed` the certificates returned will have more information (Will contains all certs basic details). To retrieve a list with complete certificate details use [this endpoint](#operation/listDetailedCertificates). If the mode query parameter is omitted or is empty this endpoint will only return the certificates IDs. The list of certificates returned is paginated. operationId: listCertificates parameters: - description: Use p query parameter to say which page you want returned. Send number less than 0 to return all items. example: 1 in: query name: p required: false schema: type: integer - description: Set to detailed to get certificates that are more with more details (Will contains certs basic details). To retrieve a list of certificates with all the certificate details use [this endpoint](#operation/listDetailedCertificates). example: detailed in: query name: mode required: false schema: enum: - detailed type: string - description: |- Used to apply filtering to the list of certificates returned in the response. With this option you are able to filter by certificates that can be used when signing a request (i.e. they contain a private key), or those used to validate a signature (i.e. they do not contain a private key, only the public key). This query param works only in combination with detailed mode (mode=detailed). `omit` (default) – Returns all certificates. with_pk – Returns only certificates that include a private key. without_pk – Returns only certificates that do not include a private key. name: filter example: omit required: false in: query schema: type: string default: omit enum: - omit - with_pk - without_pk responses: "200": content: application/json: examples: detailed_mode: summary: Returned when you send mode=detailed in query parameter. value: cert_basics: - dns_names: - .*itachi.io has_private: false id: 5e9d9544a1dcd60001d0ed208edce514c2d0a866063550c64d6c90be99d01561ac5aa7e82b8610b7e273d37d is_ca: false issuer_cn: tyk-gateway-2.localhost not_after: "2025-05-19T05:23:10Z" not_before: "2024-05-19T05:23:10Z" subject_cn: tyk-gateway-2.localhost - dns_names: - .*tyk.io has_private: false id: 5e9d9544a1dcd60001d0ed207c440d66ebb0a4629d21329808dce9091acf5f2fde328067a6e60e5347271d90 is_ca: false issuer_cn: tyk.io not_after: "2034-03-26T08:46:37Z" not_before: "2024-03-25T08:46:37Z" subject_cn: tyk.io pages: 1 empty_mode: summary: Returned if `mode` in query parameter is empty. value: certs: - 5e9d9544a1dcd60001d0ed208edce514c2d0a866063550c64d6c90be99d01561ac5aa7e82b8610b7e273d37d - 5e9d9544a1dcd60001d0ed207c440d66ebb0a4629d21329808dce9091acf5f2fde328067a6e60e5347271d90 pages: 1 schema: oneOf: - $ref: '#/components/schemas/CertificateBasics' - $ref: '#/components/schemas/CertificateList' description: OK "400": content: application/json: example: Message: Could not retrieve certs. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unable to retrieve certificates. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/certs' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "500": content: application/json: example: Message: Failed to marshal data for certificates basics list. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: List Certificates. tags: - Certificates post: description: Upload new SSL certificate in PEM format (you should upload as a file). If the certificate should have a private key, convert both the public certificate and the associated private key to PEM format and concatenate them to a single file. You can only upload one certificate at a time. operationId: createCertificates requestBody: content: multipart/form-data: schema: $ref: '#/components/schemas/FormDataFile' description: File containing the certs. responses: "200": content: application/json: example: id: 5e9d9544a1dcd60001d0ed208edce514c2d0a866063550c64d6c90be99d01561ac5aa7e82b8610b7e273d37d message: Certificate added. status: ok schema: $ref: '#/components/schemas/APICertificateStatusMessage' description: Certificates created. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/certs' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "404": content: application/json: example: Message: Could not create certificate.Certificate with 5e9d9... ID already exists. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: unable to create certs "500": content: application/json: example: Message: Failed to read response body, body empty. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Sending data without the certs file. summary: Create a certificate in Tyk org cert store. tags: - Certificates /api/certs/{certId}/apis: get: description: Fetch APIs linked to a certificate operationId: getAPIsByCertificate parameters: - description: ID of the certificate whose linked APIs you want to list. example: 5e9d9544a1dcd60001d0ed208edce514c2d0a866063550c64d6c90be99d01561ac5aa7e82b8610b7e273d37d in: path name: certId required: true schema: type: string responses: "200": content: application/json: example: cert_id: "5e9d9544a1dcd60001d0ed208edce514c2d0a866063550c64d6c90be99d01561ac5aa7e82b8610b7e273d37d" pages: 1 apis: - api_id: "663a4ed9b6be920001b191ae" name: "First API" usage_type: - client - upstream tyk_api_type: "Tyk OAS" - api_id: "663a5ed9b6be920001b191ae" name: "Second API" usage_type: - server tyk_api_type: "Tyk OAS" schema: $ref: '#/components/schemas/APIsUsingCertificate' description: Linked APIs listed "404": content: application/json: example: Message: Certificate not found or access denied Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Failed to retrieve the APIs associated with the certificate. "403": content: application/json: example: Message: Not authorised - You do not have permission, please contact your administrator Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Not authorized to retrieve the APIs associated with the certificate. summary: List APIs lined to a certificate tags: - Certificates /api/certs/{certId}: delete: description: Delete certificate by their ID. operationId: deleteCertificates parameters: - description: ID of the certificate you want to delete. example: 5e9d9544a1dcd60001d0ed208edce514c2d0a866063550c64d6c90be99d01561ac5aa7e82b8610b7e273d37d in: path name: certId required: true schema: type: string responses: "200": content: application/json: example: message: message status: status schema: $ref: '#/components/schemas/ApiStatusMessage' description: Certs deleted. "400": content: application/json: example: Message: Attempted access to non-owned certificate. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Trying to delete certs you don't own. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/certs/{certId}' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "404": content: application/json: example: Message: Could not delete certificate. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Failed to delete certs. summary: Delete Certificate. tags: - Certificates get: description: Get a single certificate details with the certificate's ID. operationId: getCertificate parameters: - description: ID of the certificate you want to fetch. example: 5e9d9544a1dcd60001d0ed208edce514c2d0a866063550c64d6c90be99d01561ac5aa7e82b8610b7e273d37d in: path name: certId required: true schema: type: string responses: "200": content: application/json: example: dns_names: - .*tyk.io fingerprint: 7c440d66ebb0a4629d21329808dce9091acf5f2fde328067a6e60e5347271d90 has_private: false id: 5e9d9544a1dcd60001d0ed207c440d66ebb0a4629d21329808dce9091acf5f2fde328067a6e60e5347271d90 is_ca: false issuer: CommonName: tyk.io Country: - 'Peachtree ' ExtraNames: - Type: - 2 - 5 - 4 - 6 Value: 'Peachtree ' Locality: - JN Names: - Type: - 2 - 5 - 4 - 6 Value: Peachtree - Type: - 2 - 5 - 4 - 10 Value: tyk - Type: - 2 - 5 - 4 - 11 Value: tyk - Type: - 2 - 5 - 4 - 3 Value: tyk.io - Type: - 1 - 2 - 840 - 113549 - 1 - 9 - 1 Value: support@tyk.io Organization: - tyk OrganizationalUnit: - tyk PostalCode: - "00010" Province: - San Jore SerialNumber: "" StreetAddress: - River side drive not_after: "2034-03-26T08:46:37Z" not_before: "2024-03-25T08:46:37Z" subject: CommonName: tyk.io Country: - 'Peachtree ' ExtraNames: - Type: - 2 - 5 - 4 - 6 Value: 'Peachtree ' Locality: - JN Names: - Type: - 2 - 5 - 4 - 6 Value: 'Peachtree ' - Type: - 2 - 5 - 4 - 10 Value: tyk - Type: - 2 - 5 - 4 - 11 Value: tyk - Type: - 2 - 5 - 4 - 3 Value: tyk.io - Type: - 1 - 2 - 840 - 113549 - 1 - 9 - 1 Value: support@tyk.io Organization: - tyk OrganizationalUnit: - tyk PostalCode: - "00010" Province: - San Jore SerialNumber: "" StreetAddress: - River side drive schema: $ref: '#/components/schemas/CertsCertificateMeta' description: Certificates fetched. "400": content: application/json: example: Message: Attempted access to non-owned certificate. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Trying to fetch certs you don't own. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/certs/{certId}' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "404": content: application/json: example: Message: Could not retrieve certificate details. Certificate with given SHA256 fingerprint not found. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Failed to fetch certs. summary: Get single certificate with ID. tags: - Certificates /api/certs/dependencies/{certId}: delete: description: This endpoint will remove the certificates from any APIs that contains it as an upstream certificates or as a client certificate. It will also remove any key that uses this certificate. operationId: deleteCertificateDependencies parameters: - description: ID of the certificate you want to delete dependencies for. example: 5e9d9544a1dcd60001d0ed208edce514c2d0a866063550c64d6c90be99d01561ac5aa7e82b8610b7e273d37d in: path name: certId required: true schema: type: string responses: "200": content: application/json: example: Message: Certificate dependencies deletion successfully attempted. Meta: null Status: OK schema: $ref: '#/components/schemas/ApiResponse' description: Dependencies deleted. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/certs/dependencies/{certId}' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden summary: Delete Certificate dependencies. tags: - Certificates get: description: This will return the API IDs and API names of all APIs that uses this certificates as either upstream certificates or as client certificates. operationId: getCertificateDependencies parameters: - description: ID of the certificate you want to fetch dependencies for. example: 5e9d9544a1dcd60001d0ed208edce514c2d0a866063550c64d6c90be99d01561ac5aa7e82b8610b7e273d37d in: path name: certId required: true schema: type: string responses: "200": content: application/json: example: certID: 5e9d9544a1dcd60001d0ed20a6ab77653d5da938f452bb8cc9b55b0630a6743dabd8dc92bfb025abb09ce035 client_cert_api_names: - Ngrok Dashboard API client_cert_apis: - edc9b2bd3e7b4cc55c4ff0a7e1529b45 key_cert: 5e9d9544a1dcd60001d0ed205e9d9544a1dcd60001d0ed20a6ab77653d5da938f452bb8cc9b55b0630a6743dabd8dc92bfb025abb09ce035 upstream_cert_api_names: - External HTTPbin upstream_cert_apis: - 627efb71ebae49df7a853b9769b65fce schema: $ref: '#/components/schemas/CertificateDependencies' description: Dependencies fetched. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/certs/dependencies/{certId}' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden summary: Get Certificate Dependencies. tags: - Certificates /api/certs/details: get: description: Return a list that contains certificates and their full details. operationId: listDetailedCertificates parameters: - description: Use p query parameter to say which page you want returned. Send number less than 0 to return all items. example: 1 in: query name: p required: false schema: type: integer responses: "200": content: application/json: example: certificates: - dns_names: - .*tyk.io fingerprint: 7c440d66ebb0a4629d21329808dce9091acf5f2fde328067a6e60e5347271d90 has_private: false id: 5e9d9544a1dcd60001d0ed207c440d66ebb0a4629d21329808dce9091acf5f2fde328067a6e60e5347271d90 is_ca: false issuer: CommonName: tyk.io Country: - 'Peachtree ' ExtraNames: - Type: - 2 - 5 - 4 - 6 Value: 'Peachtree ' Locality: - JN Names: - Type: - 2 - 5 - 4 - 6 Value: Peachtree - Type: - 2 - 5 - 4 - 10 Value: tyk - Type: - 2 - 5 - 4 - 11 Value: tyk - Type: - 2 - 5 - 4 - 3 Value: tyk.io - Type: - 1 - 2 - 840 - 113549 - 1 - 9 - 1 Value: support@tyk.io Organization: - tyk OrganizationalUnit: - tyk PostalCode: - "00010" Province: - San Jore SerialNumber: "" StreetAddress: - River side drive not_after: "2034-03-26T08:46:37Z" not_before: "2024-03-25T08:46:37Z" subject: CommonName: tyk.io Country: - 'Peachtree ' ExtraNames: - Type: - 2 - 5 - 4 - 6 Value: 'Peachtree ' Locality: - JN Names: - Type: - 2 - 5 - 4 - 6 Value: 'Peachtree ' - Type: - 2 - 5 - 4 - 10 Value: tyk - Type: - 2 - 5 - 4 - 11 Value: tyk - Type: - 2 - 5 - 4 - 3 Value: tyk.io - Type: - 1 - 2 - 840 - 113549 - 1 - 9 - 1 Value: support@tyk.io Organization: - tyk OrganizationalUnit: - tyk PostalCode: - "00010" Province: - San Jore SerialNumber: "" StreetAddress: - River side drive pages: 1 schema: $ref: '#/components/schemas/CertificateDetailedList' description: Fetched certificates. "400": content: application/json: example: Message: Could not retrieve certs details. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Could not connect to gateway. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/certs/details' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "500": content: application/json: example: Message: Failed to marshal data for certificate list. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: List all certificates details. tags: - Certificates /api/examples: get: description: Returns a list of all example API definitions available in "repository.json" file defined in "x-tyk-examples-index" header. If the header is not provided, Tyk will use the default value of this header which is `tyk-examples` repo. operationId: getAPIExamples parameters: - description: URL path to the repository.json in the repository defined in `x-tyk-repo-url. example: https://raw.githubusercontent.com/TykTechnologies/tyk-examples/main/repository.json in: header name: x-tyk-examples-index schema: default: https://raw.githubusercontent.com/TykTechnologies/tyk-examples/main/repository.json type: string responses: "200": content: application/json: example: - location: udg/vat-checker name: VAT number checker UDG shortDescription: Simple REST API wrapped in GQL using Universal Data Graph that allows user to check validity of a VAT number and display some details about it. - location: udg/geo-info name: Geo information about the World shortDescription: Countries GQL API extended with information from geocode.xyz - location: udg/react-conferences name: React conferences in Europe shortDescription: Information about React conferences in Europe. This Data Graph stitches together two GQL APIs. The flag image is added by using Trevorblades API as a data source. schema: items: $ref: '#/components/schemas/ExampleAPIMetadata' type: array description: List of API examples response. "400": content: application/json: example: Message: Invalid examples index file or root path. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Bad Request "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/examples' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "500": content: application/json: example: Message: Failed to fetch examples index file. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Get a list of example API definitions. tags: - APIs /api/examples/{location}: get: description: Get the details of a single API definition, details include full name, location in the repository, description, features and min tyk version. operationId: getAPIExample parameters: - description: URL that points to the index file (repository.json) or root of a repository housing examples. example: https://raw.githubusercontent.com/TykTechnologies/tyk-examples/main/repository.json in: header name: x-tyk-examples-index schema: default: https://raw.githubusercontent.com/TykTechnologies/tyk-examples/main/repository.json type: string - description: Repository URL to fetch example API definitions from. example: https://github.com/TykTechnologies/tyk-examples.git in: header name: x-tyk-repo-url schema: default: https://github.com/TykTechnologies/tyk-examples.git type: string - description: Location of the tyk example in the repository defined in `x-tyk-repo-url`. example: udg/vat-checker in: path name: location required: true schema: type: string - description: If set to true, the response will contain the content of the Readme file for the specified example, the readme content will be present as the `readme` field. example: false in: query name: readme required: false schema: default: "false" type: boolean - description: If set to true, the response will contain the APIDefinition of the specified example, the definition will be present as the `apiDefinition` field. example: false in: query name: apiDef required: false schema: default: false type: boolean responses: "200": content: application/json: example: description: Simple REST API wrapped in GQL using Universal Data Graph that allows user to check validity of a VAT number and display some details about it. features: - REST Datasource location: udg/vat-checker min_version: "5.0" name: VAT number checker UDG schema: $ref: '#/components/schemas/DetailedExampleAPIMetadata' description: Details on the fetched example API definition. "400": content: application/json: example: Message: Invalid examples index file or root path. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Invalid parameters. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/examples/{location}' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "404": content: application/json: example: Message: Example API definition not found. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Example API definition not found. "500": content: application/json: example: Message: Failed to fetch example API definitions. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Get details of a single example API definition. tags: - APIs /api/hooks: get: description: Return a paginated list of webhooks. operationId: getWebhookList parameters: - description: Use p query parameter to say which page you want returned. Send number less than 0 to return all items. example: 1 in: query name: p required: false schema: type: integer responses: "200": content: application/json: example: hooks: - api_model: {} event_timeout: 0 header_map: secret: superscretkey x-auth: authvalue id: "363634393863643165326663643130303031383465636239" method: POST name: Expired Keys webhook org_id: 5e9d9544a1dcd60001d0ed20 target_path: https://httpbin.org/expired-keys template_path: "" webhook_id: 1f78e319202b430e92286cff3ca759e3 - api_model: {} event_timeout: 0 header_map: x-auth: keith id: "363634623338353335373135656334633936636265663364" method: POST name: Webhook Receiver Post org_id: 5e9d9544a1dcd60001d0ed20 target_path: https://httpbin.org/receiver template_path: "" webhook_id: 9aef65505d694792a25fd0334dde2661 pages: 1 schema: $ref: '#/components/schemas/WebHooks' description: Webhook fetched. "400": content: application/json: example: Message: Could not retrieve webhooks. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Failed to retrieve webhooks. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/hooks' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "500": content: application/json: example: Message: Failed to marshal data for APIs. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: List webhooks. tags: - Webhooks post: description: Create a webhook. The webhook method and target_path fields are required. Method can either be DELETE,GET,PUT,POST or PATCH. operationId: createWebhook requestBody: content: application/json: example: header_map: another-value: somevalue secret: superscretkey method: POST name: Expired Keys webhook target_path: https://httpbin.org/expired-keys schema: properties: header_map: additionalProperties: type: string nullable: true type: object method: type: string name: type: string target_path: type: string type: object description: Webhook data. responses: "200": content: application/json: example: Message: Webhook created Meta: null Status: OK schema: $ref: '#/components/schemas/ApiResponse' description: Webhook created. "400": content: application/json: example: Message: Webhook object validation failed. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: validation failed (required fields not sent in request body). "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: Request body malformed. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Malformed request body. "409": content: application/json: example: Message: Duplicate webhook_id. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Webhook with ID exist. "500": content: application/json: example: Message: Failed to read response body, body empty. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Empty request body. summary: Create a webhook. tags: - Webhooks /api/hooks/{hookId}: delete: description: Delete webhook with ID. operationId: deleteWebhook parameters: - description: ID of the webhook to delete. example: 66498cd1e2fcd1000184ecb9 in: path name: hookId required: true schema: type: string responses: "200": content: application/json: example: Message: Webhook deleted Meta: null Status: OK schema: $ref: '#/components/schemas/ApiResponse' description: Deleted successfully. "400": content: application/json: example: Message: Could not delete the webhook. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Deletion failed. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/hooks/{hookId}' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "404": content: application/json: example: Message: Could not retrieve webhook detail. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Webhook with ID not found. "500": content: application/json: example: Message: Attempted unauthorised access. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: You are not allowed in this org. summary: Delete web hook. tags: - Webhooks get: description: Get a webhook details with its ID. operationId: getWebhookDetail parameters: - description: ID of the webhook to fetch. example: 66498cd1e2fcd1000184ecb9 in: path name: hookId required: true schema: type: string responses: "200": content: application/json: example: api_model: {} event_timeout: 0 header_map: secret: superscretkey x-auth: authvalue id: "363634393863643165326663643130303031383465636239" method: POST name: Expired Keys webhook org_id: 5e9d9544a1dcd60001d0ed20 target_path: https://httpbin.org/expired-keys template_path: "" webhook_id: 1f78e319202b430e92286cff3ca759e3 schema: $ref: '#/components/schemas/WebHookHandlerConf' description: Webhook fetched. "400": content: application/json: example: Message: Could not retrieve webhook detail. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Webhook not found. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/hooks/{hookId}' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "500": content: application/json: example: Message: Failed to marshal data for webhook detail. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Get single webhook. tags: - Webhooks put: description: Update a web hook using its ID. The webhook method and target_path fields are required in the request body when updating. *Note the original webhook data will be completely replaced with the new update request object(so if for example you don't send the name or webhook_id fields in your request body those fields will be updated to empty string even if they existed in your original webhook object.)* operationId: updateWebhook parameters: - description: ID of the webhook to update example: 664b70285715ec4c96cbef3f in: path name: hookId required: true schema: type: string requestBody: content: application/json: example: header_map: another-value: somevalue secret: superscretkey method: POST name: Update WebHook Name target_path: https://httpbin.org/v2/changed-expired-keys schema: properties: header_map: additionalProperties: type: string nullable: true type: object method: type: string name: type: string target_path: type: string type: object responses: "200": content: application/json: example: Message: Hook updated Meta: null Status: OK schema: $ref: '#/components/schemas/ApiResponse' description: Webhook updated. "400": content: application/json: example: Message: Webhook not found. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Webhook with ID not found. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: Request body malformed. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Malformed request body. "500": content: application/json: example: Message: Failed to read response body, body empty. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Empty request body. summary: Update Webhook tags: - Webhooks /api/keys: post: description: |- Tyk will generate the access token based on the OrgID specified in the API Definition and a random UUID. This ensures that keys can be owned by different API owners should segmentation be needed at an organisational level.

API keys without access_rights data will be written to all APIs on the system (this also means that they will be created across all SessionHandlers and StorageHandlers, it is recommended to always embed access_rights data in a key to ensure that only targeted APIs and their back-ends are written to. operationId: addKey parameters: - description: Set this to true to create a basic user. Note you have to send basic_auth_data(user and password) in the request body if this value is set to true. example: true in: query name: basic_auth required: false schema: default: false type: boolean requestBody: content: application/json: example: alias: portal-key allowance: 1000 apply_policies: - 62a0ec9092faf50001395817 enable_detailed_recording: true expires: 1.718439136e+09 hmac_enabled: false is_inactive: false meta_data: tyk_developer_id: 62b3fb9a1d5e4f00017226f5 org_id: 5e9d9544a1dcd60001d0ed20 per: 60 quota_max: -1 quota_remaining: 0 quota_renewal_rate: -1 quota_renews: 1.715847135e+09 rate: 1000 tags: - edge-eu - edge throttle_interval: 0 throttle_retry_limit: 0 schema: $ref: '#/components/schemas/SessionState' responses: "200": content: application/json: schema: $ref: '#/components/schemas/KeyData' description: New Key added. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: Request body malformed. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unmarshalling request body failed, malformed. "500": content: application/json: example: Message: Failed to unmarshal key data. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Create a key. tags: - Keys /api/keys/{keyId}: delete: description: Deleting a key will remove it permanently from the system, however analytics relating to that key will still be available. operationId: deleteKey parameters: - description: If you are not sure if a key is hashed you can send this as true. example: true in: query name: auto_guess required: false schema: default: false type: boolean - description: Use the hash of the key as input instead of the full key.Any none empty string will be interpreted as to say you want to use hash input. example: "1" in: query name: hashed required: false schema: type: string - description: Set to true if the passed key is a username example: true in: query name: username required: false schema: type: boolean - description: The ID of the key. example: 5e9d9544a1dcd60001d0ed20e7f75f9e03534825b7aef9df749582e5 in: path name: keyId required: true schema: type: string responses: "200": content: application/json: example: Message: Key deleted successfully. Meta: null Status: OK schema: $ref: '#/components/schemas/ApiResponse' description: Key deleted. "400": content: application/json: example: Message: Attempted access to non-owned key. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Trying to access a key your org does not own. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/keys/{keyId}' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "404": content: application/json: example: Message: Could not retrieve key detail. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Key with ID not found "500": content: application/json: example: Message: Could not delete key. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Delete key. tags: - Keys get: description: Get the details of a key. operationId: getKeyDetail parameters: - description: The ID of the key. example: 5e9d9544a1dcd60001d0ed20e7f75f9e03534825b7aef9df749582e5 in: path name: keyId required: true schema: type: string - description: If you are not sure if a key is hashed you can send this as true. example: true in: query name: auto_guess required: false schema: default: false type: boolean - description: Use the hash of the key as input instead of the full key.Any none empty string will be interpreted as to say you want to use hash input. example: "1" in: query name: hashed required: false schema: type: string - description: Set to true if the passed key ID is a username. example: true in: query name: username required: false schema: type: boolean responses: "200": content: application/json: schema: $ref: '#/components/schemas/KeyData' description: Key Data fetched. "400": content: application/json: example: Message: Attempted access to non-owned key. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Trying to access a key your org does not own. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/keys/{keyId}' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "404": content: application/json: example: Message: Could not retrieve key detail. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Key with ID not found. "500": content: application/json: example: Message: Failed to unmarshal key data from Tyk API. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Get key Details. tags: - Keys post: description: Creates a key with a custom key ID. operationId: createCustomKey parameters: - description: The ID to give the key. example: my-custom-key in: path name: keyId required: true schema: type: string requestBody: content: application/json: example: alias: portal-key allowance: 1000 apply_policies: - 62a0ec9092faf50001395817 enable_detailed_recording: true expires: 1.718439136e+09 hmac_enabled: false is_inactive: false meta_data: tyk_developer_id: 62b3fb9a1d5e4f00017226f5 org_id: 5e9d9544a1dcd60001d0ed20 per: 60 quota_max: -1 quota_remaining: 0 quota_renewal_rate: -1 quota_renews: 1.715847135e+09 rate: 1000 tags: - edge-eu - edge throttle_interval: 0 throttle_retry_limit: 0 schema: $ref: '#/components/schemas/SessionState' responses: "200": content: application/json: schema: $ref: '#/components/schemas/KeyData' description: Key created. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: Request body malformed. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unmarshalling request body failed, malformed. "500": content: application/json: example: Message: Failed to unmarshal Key data. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Create custom key. tags: - Keys put: description: You can also manually add keys to Tyk using your own key-generation algorithm. It is recommended if using this approach to ensure that the OrgID being used in the API definition and the key data is blank so that Tyk does not try to prepend or manage the key in any way. operationId: updateKeyDetail parameters: - description: The ID of the key. example: 5e9d9544a1dcd60001d0ed20e7f75f9e03534825b7aef9df749582e5 in: path name: keyId required: true schema: type: string - description: Use the hash of the key as input instead of the full key. Any none empty string will be interpreted as to say you want to use hash input. example: "1" in: query name: hashed required: false schema: type: string - description: If you are not sure if a key is hashed you can send this as true. example: true in: query name: auto_guess required: false schema: default: false type: boolean - description: Set to true if the passed key ID is a username. example: true in: query name: username required: false schema: type: boolean - description: Adding the suppress_reset parameter and setting it to 1, will cause Tyk not to reset the quota limit that is in the current live quota manager. By default Tyk will reset the quota in the live quota manager (initialising it) when adding a key. Adding the `suppress_reset` flag to the URL parameters will avoid this behaviour. in: query name: suppress_reset required: false schema: type: string requestBody: content: application/json: example: alias: portal-key allowance: 1000 apply_policies: - 62a0ec9092faf50001395817 enable_detailed_recording: true expires: 1.718439136e+09 hmac_enabled: false is_inactive: false meta_data: tyk_developer_id: 62b3fb9a1d5e4f00017226f5 org_id: 5e9d9544a1dcd60001d0ed20 per: 60 quota_max: -1 quota_remaining: 0 quota_renewal_rate: -1 quota_renews: 1.715847135e+09 rate: 1000 tags: - edge-eu - edge throttle_interval: 0 throttle_retry_limit: 0 schema: $ref: '#/components/schemas/SessionState' responses: "200": content: application/json: schema: $ref: '#/components/schemas/KeyData' description: Key updated "400": content: application/json: example: Message: User/Key object validation failed, most likely malformed input. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: malformed input. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: Request body malformed. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unmarshalling request body failed, malformed. "404": content: application/json: example: Message: Could not retrieve key detail. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Key with ID not found. "500": content: application/json: example: Message: Failed to unmarshal key data. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Update key. tags: - Keys /api/keys/detailed: get: description: List all the keys and all the keys details. If `q` query parameter is passed it will only return keys whose key ID contain the passed text. operationId: getKeysDetailed parameters: - description: Filter and return all keys that contain this text in there key ID. example: itachi in: query name: q required: false schema: type: string responses: "200": content: application/json: schema: $ref: '#/components/schemas/KeysDetailed' description: Keys fetched. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/keys/detailed' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "404": content: application/json: example: Message: Could not retrieve keys. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unable to connect to the gateway. "500": content: application/json: example: Message: Failed to unmarshal keys data from Tyk API. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: List All the Keys info. tags: - Keys /api/keys/preview: post: description: This will check if the body of a key definition is valid. And return a response with how the key would look like if you create it. operationId: validateAKeyDefinition requestBody: content: application/json: example: alias: portal-key allowance: 1000 apply_policies: - 62a0ec9092faf50001395817 enable_detailed_recording: true expires: 1.718439136e+09 hmac_enabled: false is_inactive: false meta_data: tyk_developer_id: 62b3fb9a1d5e4f00017226f5 org_id: 5e9d9544a1dcd60001d0ed20 per: 60 quota_max: -1 quota_remaining: 0 quota_renewal_rate: -1 quota_renews: 1.715847135e+09 rate: 1000 tags: - edge-eu - edge throttle_interval: 0 throttle_retry_limit: 0 schema: $ref: '#/components/schemas/SessionState' responses: "200": content: application/json: schema: $ref: '#/components/schemas/KeyData' description: Key definition is valid. "400": content: application/json: example: Message: User/Key object validation failed. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Malformed key data. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: Request body malformed. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Malformed request. "500": content: application/json: example: Message: Failed to unmarshal User data. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: This will validate a key definition. tags: - Keys /api/org/opa: get: description: List your organisation OPA rules. operationId: getOPARules responses: "200": content: application/json: example: open_policy: rules: |- package dashboard_users default request_intent = "read" request_intent = "write" { input.request.method == "POST" } request_intent = "write" { input.request.method == "PUT" } request_intent = "delete" { input.request.method == "DELETE" } deny["You cannot create a keyless API."] { request_intent == "write" contains(input.request.path, "api/apis") input.request.body.api_definition.use_keyless == true } schema: $ref: '#/components/schemas/NewOPARules' description: OPA rules fetched. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: Your license does not support Open Policy. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Upgrade licence. "500": content: application/json: example: Message: Failed to identify organisation. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: List OPA rules. tags: - Open Policy Agent put: description: Modify your OPA rules. operationId: updateOrgOPARules requestBody: content: application/json: example: open_policy: rules: |- package dashboard_users default request_intent = "read" request_intent = "write" { input.request.method == "POST" } request_intent = "write" { input.request.method == "PUT" } request_intent = "delete" { input.request.method == "DELETE" } deny["You cannot create a keyless API."] { request_intent == "write" contains(input.request.path, "api/apis") input.request.body.api_definition.use_keyless == true } schema: $ref: '#/components/schemas/NewOPARules' description: Create rule to prevent creation of keyless APIs. responses: "200": content: application/json: example: Message: OPA rules has been updated on org level. Meta: null Status: OK schema: $ref: '#/components/schemas/ApiResponse' description: OPA rules updated. "400": content: application/json: example: Message: Invalid OPA rules. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Invalid OPA rules. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: Your license does not support Open Policy. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Upgrade licence. "500": content: application/json: example: Message: Failed to unmarshal response body. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: malformed request body. summary: Update OPA rules. tags: - Open Policy Agent /api/org/permissions: get: description: This API returns by default the initial set of additional permissions defined in your Tyk Dashboard configuration, under `security.additional_permissions`. Once you update the permissions via the API, they will be stored at organisation level. operationId: listAdditionalPermissions responses: "200": content: application/json: example: additional_permissions: api_developer: API Developer api_manager: API Manager schema: $ref: '#/components/schemas/NewAdditionalPermissions' description: Additional Permissions retrieved successfully. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/org/permissions' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "500": content: application/json: example: Message: Failed to marshal additional permissions. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: List additional permissions. tags: - Additional Permissions put: description: 'Whenever you want to add/update/delete an additional permission, just send back the updated list of permissions, through this PUT request to the API. For example if you initially had two additional permissions e.g ```{additional_permissions: {api_developer: API Developer, api_manager: API Manager}}``` to add a third permission called `custom_permission` you would append it to the original permission list and your request body would be: ```{additional_permissions: {api_developer: API Developer, api_manager: API Manager, custom_permission: Custom Permission}}```.' operationId: updateAdditionalPermissions requestBody: content: application/json: example: additional_permissions: api_developer: API Developer api_manager: API Manager custom_permission: Custom Permission schema: $ref: '#/components/schemas/NewAdditionalPermissions' responses: "200": content: application/json: example: Message: Additional Permissions updated in org level. Meta: null Status: OK schema: $ref: '#/components/schemas/ApiResponse' description: Additional Permissions updated successfully. "400": content: application/json: example: Message: Failed to read response body. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Empty request body. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/org/permissions' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "500": content: application/json: example: Message: Failed to unmarshal response body. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Invalid request body or failed to save permission. summary: Add/Delete/Update additional permission. tags: - Additional Permissions /api/portal/policies: get: description: Get list of policies. The result returned are paginated. Use the p query parameter to say which page you want returned. The default pagesize of the results is 10 but this can be changed in the dashboard config. operationId: getPolicies parameters: - description: Use p query parameter to say which page you want returned. Send number less than 0 to return all items. example: 1 in: query name: p required: false schema: type: integer - description: Send any value in this query parameter to return only the active policies. example: "true" in: query name: active required: false schema: type: string responses: "200": content: application/json: examples: policiesExample: $ref: '#/components/examples/policiesExample' schema: $ref: '#/components/schemas/ReturnDataStruct' description: List of all policies. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/portal/policies' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Returned if you do not have access to policies. "404": content: application/json: example: Message: Could not retrieve object list. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Not Found "500": content: application/json: example: Message: Failed to marshal data. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Get list portal policies. tags: - Policies post: description: Creating policy definitions is slightly different to the core API, API definitions are wrapped inside an api_definition field and event handlers, such as webhooks are not embedded in the main api_definition object (though they can be), webhooks are instead appended as references into the hook_references field, the API will embed the correct webhook data into the event handler interface. operationId: postPolicies requestBody: content: application/json: example: access_rights: 8ddd91f3cda9453442c477b06c4e2da4: allowed_urls: - methods: - GET url: /users api_id: 8ddd91f3cda9453442c477b06c4e2da4 api_name: Itachi API disable_introspection: false versions: - Default active: true hmac_enabled: false is_inactive: false key_expires_in: 2.592e+06 max_query_depth: -1 meta_data: email: itachi@tyk.io user_type: mobile_user name: Sample policy partitions: acl: true complexity: false per_api: false quota: true rate_limit: true per: 60 quota_max: 10000 quota_renewal_rate: 3600 rate: 1000 tags: - security throttle_interval: 10 throttle_retry_limit: 10 schema: $ref: '#/components/schemas/Policy' responses: "200": content: application/json: example: Message: 663b4bbd5715ec323b424dca Meta: null Status: OK schema: $ref: '#/components/schemas/ApiResponse' description: Policy created. "400": content: application/json: example: Message: This policy name has already been used. Enter a unique policy name. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Returned when the policy body fails validation. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: Request body malformed. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Returned when you send a malformed request body or when you don't have permission to add this object. "500": content: application/json: example: Message: Failure creating data, please contact your administrator. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Create policy definition. tags: - Policies /api/portal/policies/{id}: delete: description: Delete a Policy by ID. operationId: deletePolicy parameters: - description: ID of policy to delete. example: 66570989d98dd00001da17f1 in: path name: id required: true schema: type: string responses: "200": content: application/json: example: Message: Data deleted Meta: null Status: OK schema: $ref: '#/components/schemas/ApiResponse' description: Deleted policy successfully. "400": content: application/json: example: Message: Invalid policy ID. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Returned when you send a policy ID that is invalid. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/portal/policies/{id}' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Returned if you do not have access to policies. "404": content: application/json: example: Message: Could not retrieve object for deletion Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Returned if policy with specified ID does not exist. "500": content: application/json: example: Message: Failure deleting data, please contact your administrator. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Delete a single policy by ID. tags: - Policies get: description: Get a policy by ID. operationId: getPolicy parameters: - description: ID of policy to get. example: 66570989d98dd00001da17f1 in: path name: id required: true schema: type: string responses: "200": content: application/json: example: access_rights: 8ddd91f3cda9453442c477b06c4e2da4: allowed_urls: - methods: - GET url: /users api_id: 8ddd91f3cda9453442c477b06c4e2da4 api_name: Itachi API disable_introspection: false versions: - Default active: true hmac_enabled: false is_inactive: false key_expires_in: 2.592e+06 max_query_depth: -1 meta_data: email: itachi@tyk.io user_type: mobile_user name: Sample policy partitions: acl: true complexity: false per_api: false quota: true rate_limit: true per: 60 quota_max: 10000 quota_renewal_rate: 3600 rate: 1000 tags: - security throttle_interval: 10 throttle_retry_limit: 10 schema: $ref: '#/components/schemas/Policy' description: Policy fetched. "400": content: application/json: example: Message: Invalid policy ID. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Returned when you send a policy ID that is invalid. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/portal/policies/{id}' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "404": content: application/json: example: Message: Could not retrieve portal object. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Policy with the given ID was not found. "500": content: application/json: example: Message: Failure creating data, please contact your administrator. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Get a single policy by ID. tags: - Policies put: description: Update a policy definition. operationId: putPolicies parameters: - description: ID of policy to update. example: 66570989d98dd00001da17f1 in: path name: id required: true schema: type: string requestBody: content: application/json: example: access_rights: 8ddd91f3cda9453442c477b06c4e2da4: allowed_urls: - methods: - GET url: /users api_id: 8ddd91f3cda9453442c477b06c4e2da4 api_name: Itachi API disable_introspection: false versions: - Default active: true hmac_enabled: false is_inactive: false key_expires_in: 2.592e+06 max_query_depth: -1 meta_data: email: itachi@tyk.io user_type: mobile_user name: Sample policy partitions: acl: true complexity: false per_api: false quota: true rate_limit: true per: 60 quota_max: 10000 quota_renewal_rate: 3600 rate: 1000 tags: - security - messages throttle_interval: 10 throttle_retry_limit: 10 schema: $ref: '#/components/schemas/Policy' responses: "200": content: application/json: example: Message: Data updated Meta: null Status: OK schema: $ref: '#/components/schemas/ApiResponse' description: Policy updated. "400": content: application/json: example: Message: Invalid policy ID. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Returned when you send an invalid ID or when the policy body fails validation. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: Request body malformed. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Returned when you send a malformed request body or when you don't have permission to update this object. "404": content: application/json: example: Message: Could not retrieve portal object. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Returned if policy with specified ID does not exist. "500": content: application/json: example: Message: Failure saving data, please contact your administrator. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Update policy definition. tags: - Policies /api/portal/policies/search: get: description: Search list of policies. If query parameter q is a policy ID it will look for policies that have the given ID. However if q is not a policy ID it will return policies with whose name matches the patten based via q query parameter. If you send a policy ID in query parameter q and also send query parameter policy_ids,only policy_ids will be used for searching. operationId: searchPolicies parameters: - description: Search for policy using policy ID or name. example: 5eb6349543f0440001373f5c in: query name: q required: false schema: type: string - description: A list of comma separated policy IDs that you want to search for. example: 5eb6349543f0440001373f5c,5ead7120575961000181867e in: query name: policy_ids required: false schema: type: string - description: Send any value in this query parameter to return only the active policies. example: "true" in: query name: active required: false schema: type: string - description: Return policies whose state field matches the sent value e.g if you send state as deny policies returned are those whose state filed value is set as deny. example: deny in: query name: state required: false schema: enum: - deny - active - draft type: string - description: Field you want to use to sort the returned policies. example: name in: query name: sort required: false schema: enum: - date_created - name - state type: string - description: Comma separate list of API IDs. Return only policy that that have the given API IDs in their access_right. example: 5963f8fdedee405143f5858ea17de422 in: query name: api_id required: false schema: type: string - description: Return policy whose auth_type field has the given value. example: authToken in: query name: auth_type required: false schema: type: string - description: Use p query parameter to say which page you want returned. Send number less than 0 to return all items. example: 1 in: query name: p required: false schema: type: integer responses: "200": content: application/json: examples: policiesExample: $ref: '#/components/examples/policiesExample' schema: $ref: '#/components/schemas/ReturnDataStruct' description: List of policies. "400": content: application/json: example: Message: Policy ID is not in hex format. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Returned when you send policy IDs that are not in hexadecimal format. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/portal/policies/search' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "404": content: application/json: example: Message: Could not retrieve policies. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Not Found "500": content: application/json: example: Message: Failed to marshal data Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Search list of policies. tags: - Policies /api/schema: get: deprecated: true description: Get API definition OAS schema. An alias to `/api/schemas/apidefs/oas`. operationId: getSchema parameters: - description: The OAS version. example: 3.0.3 in: query name: oasVersion required: false schema: type: string - description: Pretty print the result. example: 'true' in: query name: pretty required: false schema: type: string responses: "200": content: application/json: schema: $ref: '#/components/schemas/OASSchemaResponse' description: OAS schema response. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/schema' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "500": content: application/json: example: Message: Could not retrieve schema. schema not found for version. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Get API definition OAS schema. tags: - Schemas /api/schemas/apidefs: get: description: Get all API definition schemas. operationId: getAllApidefsSchema parameters: - description: The OAS version. example: 3.0.3 in: query name: oasVersion required: false schema: type: string responses: "200": content: application/json: schema: $ref: '#/components/schemas/AllApidefSchemasResponse' description: All API definition schemas response. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/schemas/apidefs' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "500": content: application/json: example: Message: Could not retrieve schema. schema not found for version. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Get all API definition schemas. tags: - Schemas /api/schemas/apidefs/oas: get: description: Get API definition OAS schema. operationId: getApidefOASSchema parameters: - description: The OAS version. example: 3.0.3 in: query name: oasVersion required: false schema: type: string - description: Pretty print the result. example: 'true' in: query name: pretty required: false schema: type: string responses: "200": content: application/json: schema: $ref: '#/components/schemas/OASSchemaResponse' description: OAS schema response. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/schemas/apidefs/oas' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "500": content: application/json: example: Message: Could not retrieve schema. schema not found for version. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Get API definition OAS schema. tags: - Schemas /api/schemas/apidefs/streams-oas: get: description: Retrieve schema for Tyk Streams APIs, enabling developers and integrators to validate or generate stream-based API definitions programmatically. Optionally select the OAS version and pretty-print formatting. operationId: getApidefStreamsOASSchema parameters: - description: The OAS version. example: 3.0.3 in: query name: oasVersion required: false schema: type: string - description: Pretty print the result. example: 'true' in: query name: pretty required: false schema: type: string responses: "200": content: application/json: schema: $ref: '#/components/schemas/OASSchemaResponse' description: OAS schema response. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/schemas/apidefs/streams-oas' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "500": content: application/json: example: Message: Could not retrieve schema. schema not found for version. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Get API definition Streams OAS schema. tags: - Schemas /api/sso: post: description: The Dashboard exposes the /api/sso Dashboard API which allows you to generate a temporary authentication token, valid for 60 seconds. operationId: generateAuthToken requestBody: content: application/json: example: DisplayName: "" EmailAddress: name@somewhere.com ForSection: dashboard GroupID: "" OrgID: 588b4f0bb275ff0001cc7471 SSOOnlyForRegisteredUsers: false UserNotAllowed: false schema: $ref: '#/components/schemas/SSOAccessData' responses: "200": content: application/json: example: Message: SSO Nonce created. Meta: YTNiOGUzZjctYWZkYi00OTNhLTYwODItZTAzMDI3MjM0OTEw Status: OK schema: $ref: '#/components/schemas/ApiResponse' description: Created successfully. "400": content: application/json: example: Message: Request body malformed. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Malformed request body. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: SSO not enabled for org. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "500": content: application/json: example: Message: Failed to read response body, body empty. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Generate authentication token. tags: - Single Sign On /api/system/stats: get: description: Get system usage info with license entitlements for a specified date range. Return history for current and previous year if no date query parameters are provided. operationId: getSystemStats parameters: - $ref: '#/components/parameters/startDate' - $ref: '#/components/parameters/endDate' - description: Resolve daily. example: day in: query name: resolution required: false schema: enum: - day type: string - description: The entity for which stats should be retrieved. example: apis in: query name: entity required: false schema: default: apis enum: - apis - dataplanes - dataplanes.gateways type: string responses: "200": content: application/json: schema: $ref: '#/components/schemas/SystemStatsResp' description: System statistics details. "400": content: application/json: example: Message: Request validation failed. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Bad request. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/system/stats' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "404": content: application/json: example: Message: Stats not found. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Stats not found. "500": content: application/json: example: Message: Failed to system stats. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Get system usage info. tags: - System /api/usergroups: get: description: This will return a list of all the user groups. The returned user groups are paginated. operationId: listUserGroups parameters: - description: Use p query parameter to say which page you want returned. Send number less than 0 to return all items. example: 1 in: query name: p required: false schema: type: integer responses: "200": content: application/json: example: groups: - active: true description: devs company id: "363634393938366435373135656334633936636265663262" name: devs org_id: 5e9d9544a1dcd60001d0ed20 password_max_days: 0 user_permissions: analytics: read api_assets: write apis: write certs: write hooks: write idm: write keys: write log: read oauth: write owned_analytics: deny policies: write portal: write system: write user_groups: write users: write websockets: read - active: true description: Devops logs and analytics access id: "363634396664346235373135656334633936636265663338" name: Devops org_id: 5e9d9544a1dcd60001d0ed20 password_max_days: 0 user_permissions: analytics: read log: read pages: 1 schema: $ref: '#/components/schemas/UserGroups' description: User groups fetched. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/usergroups' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "404": content: application/json: example: Message: Could not retrieve user groups. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unable to fetch groups. "500": content: application/json: example: Message: Failed to unmarshal keys data from Tyk API. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: List user groups. tags: - UserGroup post: description: Instead of assigning permission to each individual users, per user, you can create a user group and configure the permissions for all users in the group. This endpoint allow you to create a user group and set permission for the user group. operationId: createUserGroup requestBody: content: application/json: example: active: true description: Devops logs and analytics access name: Devops org_id: 5e9d9544a1dcd60001d0ed20 user_permissions: analytics: read log: read schema: $ref: '#/components/schemas/UserGroup' responses: "200": content: application/json: example: Message: User group created Meta: 6649fb3e5715ec4c96cbef36 Status: OK schema: $ref: '#/components/schemas/ApiResponse' description: User group created. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: Request body malformed. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Malformed request data. "500": content: application/json: example: Message: Failed to read response body, body empty. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Create user group. tags: - UserGroup /api/usergroups/{groupId}: delete: description: Delete user group using the group ID. operationId: deleteUserGroup parameters: - description: ID of the group you want to delete. example: 6649fd535715ec4c96cbef39 in: path name: groupId required: true schema: type: string responses: "200": content: application/json: example: Message: User group deleted Meta: null Status: OK schema: $ref: '#/components/schemas/ApiResponse' description: OK "400": content: application/json: example: Message: Could not delete the user group. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Failed to delete user group. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/usergroups/{groupId}' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "404": content: application/json: example: Message: Could not retrieve user detail. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Group not found. "500": content: application/json: example: Message: Attempted unauthorised access. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Delete user group. tags: - UserGroup get: description: Return a user group object with all the details of a specified group. operationId: getUserGroup parameters: - description: ID of the group you want to fetch. example: 6649fd535715ec4c96cbef39 in: path name: groupId required: true schema: type: string responses: "200": content: application/json: example: active: true description: Devops logs and analytics access id: "363634396664346235373135656334633936636265663338" name: Devops org_id: 5e9d9544a1dcd60001d0ed20 password_max_days: 0 user_permissions: analytics: read log: read schema: $ref: '#/components/schemas/UserGroup' description: User grouped fetched. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/usergroups/{groupId}' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "404": content: application/json: example: Message: Could not retrieve user group detail. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Group not found. "500": content: application/json: example: Message: Attempted unauthorised access. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Get user group details. tags: - UserGroup put: description: Update the details of a user group. You must have either admin or user groups permission to be able to modify user groups. Note you cannot update the ResetPassword permission with this endpoint. For that you need to use Admin API. When updating a user group you also need to specify at least one permission in the user_permissions field. operationId: updateUserGroup parameters: - description: ID of the group you want to update. example: 6649fd535715ec4c96cbef39 in: path name: groupId required: true schema: type: string requestBody: content: application/json: example: active: true description: Devops logs and analytics access name: Devops org_id: 5e9d9544a1dcd60001d0ed20 user_permissions: analytics: read log: read schema: $ref: '#/components/schemas/UserGroup' responses: "200": content: application/json: example: Message: User group updated Meta: null Status: OK schema: $ref: '#/components/schemas/ApiResponse' description: OK "400": content: application/json: example: Message: Group ID does not exist Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Group not found or malformed request body. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/usergroups/{groupId}' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "500": content: application/json: example: Message: Attempted unauthorised access. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Update user group. tags: - UserGroup /api/users: get: description: Lists dashboard users operationId: getUsers parameters: - description: Use p query parameter to say which page you want returned. Send number less than 0 to return all items. example: 1 in: query name: p required: false schema: type: integer responses: "200": content: application/json: example: pages: 1 users: - access_key: d7ebef749e4348cb67fec3cfc81f0a50 active: true api_model: {} created_at: "2024-05-19T08:23:29.173+03:00" email_address: multi-org-user@example.org first_name: Multi org group_id: "" id: "363634393863643165326663643130303031383465636235" last_login_date: "2024-05-19T08:45:09.53319+03:00" last_name: User org_id: 5e9d9544a1dcd60001d0ed20 password_max_days: 0 password_updated: "2024-05-19T08:23:29.281+03:00" user_permissions: IsAdmin: admin ResetPassword: admin - access_key: f4b94c64017043dc4d1918db7e3436dd active: true api_model: {} created_at: "2024-05-19T08:23:29.034+03:00" email_address: admin-user@example.org first_name: Admin group_id: "" id: "363634393863643165326663643130303031383465636234" last_login_date: "2024-05-19T08:42:22.659839+03:00" last_name: User org_id: 5e9d9544a1dcd60001d0ed20 password_max_days: 0 password_updated: "2024-05-19T08:23:29.146+03:00" user_permissions: IsAdmin: admin ResetPassword: admin - access_key: d19fc75cd3aa497f6cb042f72e47ce8c active: true api_model: {} created_at: "2024-05-19T08:45:09.53319+03:00" email_address: itachi.w@tyk.io first_name: sasuke group_id: "" id: "363634393931653535373135656334633936636265663261" last_login_date: "2024-05-19T08:45:09.53319+03:00" last_name: itachi org_id: 5e9d9544a1dcd60001d0ed20 password_max_days: 0 password_updated: "2024-05-19T08:45:09.53319+03:00" user_permissions: IsAdmin: admin - access_key: b26feb8ff86b48e15ae2513a2de6f8f7 active: true api_model: {} created_at: "2024-05-19T09:14:13.461142+03:00" email_address: munene@gmail.com first_name: munene group_id: 6649986d5715ec4c96cbef2b id: "363634393938623535373135656334633936636265663263" last_login_date: "2024-05-19T08:45:09.53319+03:00" last_name: wachira org_id: 5e9d9544a1dcd60001d0ed20 password_max_days: 0 password_updated: "2024-05-19T09:14:13.461142+03:00" user_permissions: analytics: read api_assets: write apis: write certs: write hooks: write idm: write keys: write log: read oauth: write policies: write portal: write system: write user_groups: write users: write websockets: read schema: $ref: '#/components/schemas/Users' description: Users retrieved successfully. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/users' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "404": content: application/json: example: Message: Could not retrieve users. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Error retrieving users from db. "500": content: application/json: example: Message: Failed to unmarshal keys data from Tyk API Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: List users tags: - Users post: description: 'Create a user. If you want to create an admin user, you need to send {IsAdmin: admin} in the user_permissions field e.g ```{user_permissions: {IsAdmin: admin},last_name: sasuke,email_address: itachi@gmail.com,first_name: itachi}```. You can add a user to a given user-group by sending the group_id in the request body. If you want to give a user access only to specific objects e.g policies you can send the object and the permission granted to the user (read or write permission in the user_permissions field (check the request example given for more details)).' operationId: addUser requestBody: content: application/json: example: active: true email_address: itachi@gmail.com first_name: itachi last_name: sasuke user_permissions: analytics: read api_assets: write apis: write certs: write hooks: write idm: write keys: write log: read oauth: write policies: write portal: write system: write user_groups: write users: write websockets: read schema: $ref: '#/components/schemas/User' responses: "200": content: application/json: example: Message: User and session have been created Meta: 6649a9e85715ec4c96cbef2f Status: OK schema: $ref: '#/components/schemas/ApiResponse' description: User added successfully. "400": content: application/json: example: Message: User object validation failed. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Failure to send all required fields. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: User email already exists for this org. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: User already exist. "500": content: application/json: example: Message: Couldn't retrieve user session details. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Add user. tags: - Users /api/users/{userId}: delete: description: Delete a user with user ID. operationId: deleteUser parameters: - description: User ID of the user to delete. example: 66498cd1e2fcd1000184ecb4 in: path name: userId required: true schema: type: string responses: "200": content: application/json: example: Message: User deleted Meta: null Status: OK schema: $ref: '#/components/schemas/ApiResponse' description: OK "400": content: application/json: example: Message: Could not delete the user. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Failed to delete user. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/users/{userId}' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "404": content: application/json: example: Message: Could not retrieve user detail. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: User not found. "500": content: application/json: example: Message: Attempted unauthorised access. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Delete a user. tags: - Users get: description: Return a user object with details of the user specified by user ID in path. operationId: getUser parameters: - description: User ID of the user to retrieve data for. example: 66498cd1e2fcd1000184ecb4 in: path name: userId required: true schema: type: string responses: "200": content: application/json: example: access_key: f4b94c64017043dc4d1918db7e3436dd active: true api_model: {} created_at: "2024-05-19T08:23:29.034+03:00" email_address: admin-user@example.org first_name: Admin group_id: "" id: "363634393863643165326663643130303031383465636234" last_login_date: "2024-05-19T08:42:22.659839+03:00" last_name: User org_id: 5e9d9544a1dcd60001d0ed20 password_max_days: 0 password_updated: "2024-05-19T08:23:29.146+03:00" user_permissions: IsAdmin: admin ResetPassword: admin schema: $ref: '#/components/schemas/User' description: User retrieved successfully. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/users/{userId}' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "404": content: application/json: example: Message: Could not retrieve user detail. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: User not found. "500": content: application/json: example: Message: Attempted unauthorised access. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Get user details. tags: - Users put: description: Update a user with user ID. If you update the user as inactive they will be logged out of all dashboard sessions. User password can only be updated via admin API or the update password endpoint. ResetPassword is also only available via the admin API. operationId: updateUser parameters: - description: USER ID of the user to update example: 66498cd1e2fcd1000184ecb4 in: path name: userId required: true schema: type: string requestBody: content: application/json: example: active: true email_address: itachi@gmail.com first_name: itachi last_name: sasuke user_permissions: IsAdmin: admin schema: properties: active: type: boolean email_address: type: string first_name: type: string last_name: type: string user_permissions: $ref: '#/components/schemas/UserPermissionObject' type: object responses: "200": content: application/json: example: Message: User updated Meta: null Status: OK schema: $ref: '#/components/schemas/ApiResponse' description: Updated successfully. "400": content: application/json: example: Message: user does not exist. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: User not found or malformed request body. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: To create a user specify at least one permission, or make them an admin. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Empty user rights or invalid email format. "500": content: application/json: example: Message: Attempted unauthorised access. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Update user. tags: - Users /api/users/{userId}/actions/key/reset: put: description: Reset specified user's Dashboard API access credentials by generating a new access key for the specified user. operationId: resetUserKey parameters: - description: User ID of the user whose key you want to reset. example: 66498cd1e2fcd1000184ecb4 in: path name: userId required: true schema: type: string responses: "200": content: application/json: example: Message: User session renewed Meta: null Status: OK schema: $ref: '#/components/schemas/ApiResponse' description: New access key generated. "400": content: application/json: example: Message: Problem updating user with new key. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unable to update user details. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/users/{userId}/actions/key/reset' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "404": content: application/json: example: Message: Could not retrieve user detail. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: User not found "500": content: application/json: example: Message: Attempted unauthorised access. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Reset user Dashboard API access credentials. tags: - Users /api/users/{userId}/actions/reset: post: description: Set a user's password. The password need to be 6 character long. If you are trying to update another users password you also need to have permission to update they password or you need to be a super-admin. You cannot also reuse a password. operationId: setUserPassword parameters: - description: User ID of the user whose password is being reset. example: 66498cd1e2fcd1000184ecb4 in: path name: userId required: true schema: type: string requestBody: content: application/json: example: api_model: {} current_password: minimum6charactersPassword new_password: newMinimum6CharactersPassword schema: $ref: '#/components/schemas/UserPassword' responses: "200": content: application/json: example: Message: User password updated Meta: null Status: OK schema: $ref: '#/components/schemas/ApiResponse' description: OK "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: Request body malformed. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Malformed request body or you don't have permission to change this users password. "500": content: application/json: example: Message: Attempted unauthorised access. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Set user password. tags: - Users /api/users/{userId}/actions/revoke: put: description: This will set the use account as inactive. It will also disable API Access and log out the user from all dashboards. operationId: revokeUser parameters: - description: User ID of the user whose access you want to revoke. example: 66498cd1e2fcd1000184ecb4 in: path name: userId required: true schema: type: string responses: "200": content: application/json: example: Message: User revoked Meta: null Status: OK schema: $ref: '#/components/schemas/ApiResponse' description: OK "400": content: application/json: example: Message: Could not retrieve user detail. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: User not found. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/users/{userId}/actions/revoke' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "500": content: application/json: example: Message: Attempted unauthorised access. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Revoke user. tags: - Users /api/users/me: get: description: Return a user object with the details of the current user. This request need to have a session cookie with the key authorisation. operationId: currentUserDetail parameters: - description: authorisation session cookie example: 1b7eecc5-6dt5-4df8-5472-0c7frc3ae4f2 in: cookie name: authorisation required: true schema: type: string responses: "200": content: application/json: example: access_key: d7ebef749e4348cb67fec3cfc81f0a50 active: true api_model: {} created_at: "2024-05-19T08:23:29.173+03:00" email_address: multi-org-user@example.org first_name: Multi org group_id: "" id: "363634393863643165326663643130303031383465636235" last_login_date: "2024-05-19T08:45:09.53319+03:00" last_name: User org_id: 5e9d9544a1dcd60001d0ed20 password_max_days: 0 password_updated: "2024-05-19T08:23:29.281+03:00" user_permissions: IsAdmin: admin ResetPassword: admin schema: $ref: '#/components/schemas/User' description: OK "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/users/me' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "404": content: application/json: example: Message: Could not retrieve current user detail. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: User not found "500": content: application/json: example: Message: Failed to marshal current user data. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Get current user. tags: - Users /api/users/search: get: deprecated: true description: This endpoint allows you to search for users by providing their email address as a query parameter. operationId: searchUserGet parameters: - description: Query term used to search for users (email address). example: itachi@tyk.io in: query name: q required: true schema: type: string - description: Use p query parameter to say which page you want returned. Send number less than 0 to return all items. example: 1 in: query name: p required: false schema: type: integer responses: "200": content: application/json: example: pages: 1 users: - access_key: d19fc75cd3aa497f6cb042f72e47ce8c active: true api_model: {} created_at: "2024-05-19T08:45:09.53319+03:00" email_address: itachi.w@tyk.io first_name: sasuke group_id: "" id: "363634393931653535373135656334633936636265663261" last_login_date: "2024-05-19T08:45:09.53319+03:00" last_name: itachi org_id: 5e9d9544a1dcd60001d0ed20 password_max_days: 0 password_updated: "2024-05-19T08:45:09.53319+03:00" user_permissions: IsAdmin: admin schema: $ref: '#/components/schemas/Users' description: User searched. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/users/search' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "404": content: application/json: example: Message: Could not search users. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unable to search user. summary: Search Users(Deprecated) tags: - Users post: description: This endpoint allows you to search for users with their email address (e.g if you send the filter @gmail.com` in the request payload, all users whole email contain the string @gmail.com will be returned). operationId: searchUser parameters: - description: Use p query parameter to say which page you want returned. Send number less than 0 to return all items. example: 1 in: query name: p required: false schema: type: integer requestBody: content: application/json: example: filters: query: itachi@tyk.io schema: $ref: '#/components/schemas/UserSearchPayload' description: User search criteria. responses: "200": content: application/json: example: pages: 1 users: - access_key: d19fc75cd3aa497f6cb042f72e47ce8c active: true api_model: {} created_at: "2024-05-19T08:45:09.53319+03:00" email_address: itachi.w@tyk.io first_name: sasuke group_id: "" id: "363634393931653535373135656334633936636265663261" last_login_date: "2024-05-19T08:45:09.53319+03:00" last_name: itachi org_id: 5e9d9544a1dcd60001d0ed20 password_max_days: 0 password_updated: "2024-05-19T08:45:09.53319+03:00" user_permissions: IsAdmin: admin schema: $ref: '#/components/schemas/Users' description: User searched. "400": content: application/json: example: Message: Could not extract search filter from request body. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unable to get filters. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/users/search' Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Forbidden "404": content: application/json: example: Message: Could not search users. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Unable to search user. summary: Search user with email. tags: - Users /api/audit-logs: get: description: Retrieve audit logs from database operationId: getAuditLogs parameters: - description: Use p query parameter to say which page you want returned. The size of the page is determined by the configuration option page_size of dashboard. example: 1 in: query name: p required: false schema: type: integer - description: Filters audit logs to show only actions performed by the specified user. This parameter allows you to focus on the activity of a particular user across the system. example: jhon@mail.com in: query name: user required: false schema: type: string - description: Filters audit logs based on the specific action performed by users. This parameter allows you to focus on particular types of activities within the system. example: List APIs in: query name: action required: false schema: type: string - description: Filters audit logs based on the IP address from which the action originated. This parameter allows you to focus on activities from specific network locations or to investigate actions from particular IP addresses. example: 127.0.0.1 in: query name: ip required: false schema: type: string - description: Filters audit logs based on the HTTP method used in the API request. This parameter allows you to focus on specific types of operations performed on the API. example: POST in: query name: method required: false schema: type: string - description: Filters audit logs based on the HTTP status code returned by the API in response to the request. This parameter allows you to focus on specific outcomes of API interactions. example: 200 in: query name: status required: false schema: type: integer - description: | This parameter filters audit logs based on partially matching the accessed API endpoint's URL path. It allows searching for actions performed on related resources or sections of the API by matching any portion of the URL. The match is case-sensitive and ignores additional path segments or query parameters beyond the matched portion. For example, if the database contains URLs like `/tib/create`, `/tib/get/1?schema=json`, `/api/schema`, and `/schema1` searching with `url=schema` would return `/api/schema` and `/schema1`. example: /api/apis in: query name: url required: false schema: type: string - description: Specifies the start date for the audit log search. If not provided, the search will include records from the earliest available date. Format YYYY-MM-DD. example: 1990-11-25 in: query name: from_date required: false schema: type: string - description: Specifies the end date for the audit log search. If not provided, the search will include records up to the current date and time. Format YYYY-MM-DD. example: 2030-12-18 in: query name: to_date required: false schema: type: string - description: Determines whether the response should be a downloadable file containing the records. If set to `true`, the API returns a file instead of a JSON list of records. When enabled, pagination is not applied, and the file will include all records that match the search criteria. example: true in: query name: download required: false schema: type: boolean - description: Specifies the format of the downloadable file. This parameter is only applied when `download` is set to `true`. If set to `csv`, the file content will be in CSV format; otherwise, JSON format will be used. in: query name: type required: false schema: type: string enum: [ csv, json ] example: csv responses: "200": content: application/octet-stream: schema: type: string format: binary description: A file containing the audit logs in either JSON or CSV format, depending on the `type` query parameter. application/json: example: pages: 1 audit_logs: - _id: 672a83e2b0418b224440ce29 req_id: 0462e283-a55f-41ab-6482-60d2eeb1858c org_id: 66cf7f8db0418b1fbe91852b date: Tue, 05 Nov 2024 17:45:22 -03 timestamp: 1730839522 ip: 127.0.0.1 user: jhon@mail.com action: '' method: GET url: "/api/audit-logs" status: 200 - _id: 672a83e9b0418b224440ce2a req_id: 1276517a-a57e-4b20-5cf5-a6d830fc399d org_id: 66cf7f8db0418b1fbe91852b date: Tue, 05 Nov 2024 17:45:29 -03 timestamp: 1730839529 ip: 127.0.0.1 user: jhon@mail.com action: '' method: GET url: "/api/audit-logs" status: 200 - _id: 672a83ecb0418b224440ce2b req_id: 9c720384-2c93-4c38-7164-35b876fd56ef org_id: 66cf7f8db0418b1fbe91852b date: Tue, 05 Nov 2024 17:45:32 -03 timestamp: 1730839532 ip: 127.0.0.1 user: jhon@mail.com action: '' method: GET url: "/api/audit-logs" status: 200 schema: $ref: '#/components/schemas/AuditLogs' description: Audit Logs retrieved successfully "400": content: application/json: example: Message: could not retrieve audit records Meta: null Status: Error description: Bad Request "401": content: application/json: example: Message: Not authorised Meta: null Status: Error description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/audit-logs' Meta: null Status: Error description: Forbidden summary: List audit logs tags: - AuditLogs /api/audit-logs/{audit-log-id}: get: description: Retrieve a single audit log from database by ID operationId: getAuditLog parameters: - description: ID of the audit log record to fetch. example: 1 in: path name: audit-log-id required: true schema: type: integer responses: "200": content: application/json: example: _id: 672a83e2b0418b224440ce29 req_id: 0462e283-a55f-41ab-6482-60d2eeb1858c org_id: 66cf7f8db0418b1fbe91852b date: Tue, 05 Nov 2024 17:45:22 -03 timestamp: 1730839522 ip: 127.0.0.1 user: jhon@mail.com action: '' method: GET url: "/api/audit-logs" status: 200 schema: $ref: '#/components/schemas/AuditLog' description: Audit Log retrieved successfully "400": content: application/json: example: Message: could not retrieve audit record Meta: null Status: Error description: Bad Request "401": content: application/json: example: Message: Not authorised Meta: null Status: Error description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/audit-log' Meta: null Status: Error description: Forbidden "404": content: application/json: example: Message: could not retrieve audit record Meta: null Status: Error description: NotFound "500": content: application/json: example: Message: Failed to fetch audit record. Meta: null Status: Error schema: $ref: '#/components/schemas/ApiResponse' description: Internal server error. summary: Retrieve single audit log tags: - AuditLogs /api/org/notifications: get: description: Retrieve all notifications that have been issued for a specific Tyk Organisation. operationId: getAllOrganisationNotifications parameters: - description: Setting refresh to true will force the API to refresh the list of notifications. example: 'true' in: query name: refresh required: false schema: type: string responses: "200": content: application/json: example: - id: b52f491a-2946-408b-9330-2736db85705b created_at: 2025-08-13T11:16:12.194968+02:00 org_id: 683d6e6a954737af2aa8e5c2 hash: '17090217262863020087' kind: warning topic: certificate.expiry title: Certificate will expire soon message: Certificate with ID 683d6e6a954737af2aa8e5c20d545f3211d5a53684114dc8b3ebb2503edf6fabf2e5812425be2fa108f3fb4d will expire in less than 18 days data: cert_id: 683d6e6a954737af2aa8e5c20d545f3211d5a53684114dc8b3ebb2503edf6fabf2e5812425be2fa108f3fb4d expiry_date: 2025-08-31T08:41:53Z days_remaining: 17 schema: type: array items: $ref: '#/components/schemas/OrganisationNotification' description: Returns a list of notifications that have been issued for the specified Tyk Organisation. "401": content: application/json: example: Message: Not authorised Meta: null Status: Error description: Unauthorized "403": content: application/json: example: Message: 'access denied: You do not have permission to access /api/org/notifications' Meta: null Status: Error description: Forbidden summary: Retrieve notifications tags: - Organisation Notifications components: examples: aggregateAnalytics: value: data: - error: 4 hits: 31 id: alias: "" api_id: 41351a6a94094da05f75146a695a16f6 api_name: Keyless code: 404 day: 0 hour: 0 iso_country: "" key: "" month: 0 path: /anything url: "" year: 0 last_hit: "2024-06-19T07:11:39Z" latency: 0 max_latency: 0 max_upstream_latency: 0 min_latency: 0 min_upstream_latency: 0 request_time: 174.5 success: 27 upstream_latency: 0 pages: 1 oasExample: value: components: securitySchemes: bearerAuth: description: The API Access Credentials scheme: bearer type: http info: description: This is a sample OpenAPI description. title: Sample OpenAPI description version: 1.0.0 openapi: 3.0.3 paths: /api/sample/users: get: operationId: getUsersSample responses: "200": content: application/json: schema: items: properties: name: type: string type: object type: array description: fetched users summary: Get users tags: - users security: - bearerAuth: [] servers: - url: https://localhost:8080 x-tyk-api-gateway: info: name: user state: active: true server: listenPath: strip: true value: /user-test-five/ upstream: url: https://localhost:8080 oasExampleWithoutTykExtension: value: components: securitySchemes: bearerAuth: description: The API Access Credentials scheme: bearer type: http info: description: This is a sample OpenAPI description. title: Sample OpenAPI description version: 1.0.0 openapi: 3.0.3 paths: /api/sample/users: get: operationId: getUsersSample responses: "200": content: application/json: schema: items: properties: name: type: string type: object type: array description: fetched users summary: Get users tags: - users security: - bearerAuth: [ ] servers: - url: https://localhost:8080 PatchOASExample: summary: Patch Tyk OAS Example value: components: securitySchemes: bearerAuth: description: The API Access Credentials scheme: bearer type: http info: description: This is a sample OpenAPI description. title: Sample OpenAPI description version: 1.0.0 openapi: 3.0.3 paths: /api/sample/users: get: operationId: getUsersSample responses: "200": content: application/json: schema: items: properties: name: type: string type: object type: array description: fetched users summary: Get users tags: - users security: - bearerAuth: [ ] servers: - url: https://localhost:8080 x-tyk-api-gateway: info: name: user state: active: true server: listenPath: strip: true value: /user-test-two/ upstream: url: https://localhost:8080 paginatedApiExample: value: apis: - api_definition: api_id: b84fe1a04e5648927971c0557971565c auth: auth_header_name: authorization definition: key: version location: header name: Tyk Test API org_id: 664a14650619d40001f1f00f proxy: listen_path: /tyk-api-test/ strip_listen_path: true target_url: https://httpbin.org use_oauth2: true version_data: not_versioned: true versions: Default: name: Default pages: 1 policiesExample: value: Data: - _id: "363635373039383964393864643030303031646131376631" access_rights: 8ddd91f3cda9453442c477b06c4e2da4: allowance_scope: "" allowed_types: [] allowed_urls: - methods: - GET url: /users api_id: 8ddd91f3cda9453442c477b06c4e2da4 api_name: Itachi API disable_introspection: false field_access_rights: [] limit: max_query_depth: 0 per: 0 quota_max: 0 quota_remaining: 0 quota_renewal_rate: 0 quota_renews: 0 rate: 0 set_by_policy: false smoothing: delay: 30 enabled: false step: 100 threshold: 500 trigger: 0.8 throttle_interval: 0 throttle_retry_limit: 0 restricted_types: [] versions: - Default active: true date_created: "2024-05-27T10:24:31.099Z" hmac_enabled: false id: "" is_inactive: false key_expires_in: 2.592e+06 last_updated: "1716980105" max_query_depth: -1 meta_data: user_type: mobile_user name: Sample policy org_id: 664a14650619d40001f1f00f partitions: acl: true complexity: false per_api: false quota: true rate_limit: true per: 60 quota_max: 10000 quota_renewal_rate: 3600 rate: 1000 smoothing: delay: 30 enabled: false step: 100 threshold: 500 trigger: 0.8 tags: - security throttle_interval: 10 throttle_retry_limit: 10 Pages: 1 singleAPIDef: value: api_definition: api_id: b84fe1a04e5648927971c0557971565c auth: auth_header_name: authorization definition: key: version location: header id: 66596520c7f5720001b22558 name: Tyk Test API org_id: 664a14650619d40001f1f00f proxy: listen_path: /tyk-api-test/ strip_listen_path: true target_url: https://httpbin.org use_oauth2: true version_data: not_versioned: true versions: Default: name: Default streamsExample: value: components: securitySchemes: bearerAuth: description: The API Access Credentials scheme: bearer type: http info: description: This is a sample Streams API. title: Streams Sample version: 1.0.0 openapi: 3.0.3 paths: /api/sample/users: get: operationId: getUsersSample responses: "200": content: application/json: schema: items: properties: name: type: string type: object type: array description: fetched users summary: Get users tags: - users security: - bearerAuth: [ ] servers: - url: https://localhost:8080 x-tyk-api-gateway: info: name: user state: active: true server: listenPath: strip: true value: /user-test-six/ upstream: url: https://localhost:8080 x-tyk-streaming: streams: stream1: input: kafka: addresses: - localhost:9093 auto_replay_nacks: true checkpoint_limit: 1024 consumer_group: group1 target_version: 3.3.0 topics: - instrument.json.AMZN - instrument.json.GOOG output: broker: outputs: - stdout: codec: lines - http_server: allowed_verbs: - GET path: "/one" stream_path: "/sse" ws_path: "/ws" pattern: fan_out parameters: AccessType: description: Filter for internal or external API versions. example: internal in: query name: accessType required: false schema: enum: - internal - external type: string AllowList: description: Enable allowList middleware for all endpoints. in: query name: allowList required: false schema: $ref: '#/components/schemas/BooleanQueryParam' Authentication: description: Enable/disable the authentication mechanism in your Tyk Gateway for your OAS API. in: query name: authentication schema: $ref: '#/components/schemas/BooleanQueryParam' CustomDomain: description: Custom domain for the API. example: tyk.io in: query name: customDomain required: false schema: type: string ListenPath: description: Listen path for the API. example: /user-test-seven/ in: query name: listenPath required: false schema: type: string MockResponse: description: Enable mockResponse middleware for all endpoints having responses configured. in: query name: mockResponse required: false schema: $ref: '#/components/schemas/BooleanQueryParam' SearchText: description: Search for API version name. example: Sample oas in: query name: searchText required: false schema: type: string TemplateID: description: The Asset ID of template applied while creating or importing an OAS API. example: my-unique-template-id in: query name: templateID schema: type: string UpstreamURL: description: Upstream URL for the API. example: https://localhost:8080 in: query name: upstreamURL required: false schema: type: string ValidateRequest: description: Enable validateRequest middleware for all endpoints having a request body with media type application/json. in: query name: validateRequest required: false schema: $ref: '#/components/schemas/BooleanQueryParam' endDate: description: end date example: ' 2023-07-31' in: query name: end_day schema: format: date type: string startDate: description: start date example: "2023-07-01" in: query name: start_day schema: format: date type: string schemas: OpenAPI3Schema: type: object additionalProperties: true ProxyRequest: type: object required: - method - url properties: method: type: string description: HTTP method for the proxy request (GET, POST, PUT, DELETE, etc.) url: type: string description: Full URL for the proxy request (valid Gateway url), including scheme, host, and path headers: type: object additionalProperties: type: string description: Headers to be sent with the proxy request body: type: object description: Body of the proxy request, typically used for POST or PUT requests ProxyResponse: type: object properties: status_code: type: integer description: HTTP status code of the proxied response headers: type: object additionalProperties: type: string description: Headers received from the proxied response body: type: object description: Body of the proxied response, parsed as JSON if possible ErrorResponse: type: object properties: Status: type: string description: Error status, typically "Error" Message: type: string description: Detailed error message explaining what went wrong Meta: type: object nullable: true description: Additional metadata about the error, if available APICertificateStatusMessage: properties: id: example: 5e9d9544a1dcd60001d0ed207c440d66ebb0a4629d21329808dce9091acf5f2fde328067a6e60e5347271d90 type: string message: example: Certificate added type: string status: example: ok type: string type: object x-go-package: github.com/TykTechnologies/tyk/pkg/alias/gateway APIDefinition: properties: CORS: $ref: '#/components/schemas/CORSConfig' active: type: boolean allowed_ips: items: type: string nullable: true type: array analytics_plugin: $ref: '#/components/schemas/AnalyticsPluginConfig' api_id: type: string auth: $ref: '#/components/schemas/AuthConfig' auth_configs: additionalProperties: $ref: '#/components/schemas/AuthConfig' nullable: true type: object auth_provider: $ref: '#/components/schemas/AuthProviderMeta' base_identity_provided_by: type: string basic_auth: properties: body_password_regexp: type: string body_user_regexp: type: string cache_ttl: type: integer disable_caching: type: boolean extract_from_body: type: boolean type: object blacklisted_ips: items: type: string nullable: true type: array cache_options: $ref: '#/components/schemas/CacheOptions' certificate_pinning_disabled: type: boolean certificates: items: type: string nullable: true type: array client_certificates: items: type: string nullable: true type: array config_data: additionalProperties: {} nullable: true type: object config_data_disabled: type: boolean custom_middleware: $ref: '#/components/schemas/MiddlewareSection' custom_middleware_bundle: type: string custom_middleware_bundle_disabled: type: boolean custom_plugin_auth_enabled: type: boolean definition: $ref: '#/components/schemas/VersionDefinition' detailed_tracing: type: boolean disable_quota: type: boolean disable_rate_limit: type: boolean do_not_track: type: boolean domain: type: string domain_disabled: type: boolean dont_set_quota_on_create: type: boolean enable_batch_request_support: type: boolean enable_context_vars: type: boolean enable_coprocess_auth: type: boolean enable_detailed_recording: type: boolean enable_ip_blacklisting: type: boolean enable_ip_whitelisting: type: boolean enable_jwt: type: boolean enable_proxy_protocol: type: boolean enable_signature_checking: type: boolean event_handlers: $ref: '#/components/schemas/EventHandlerMetaConfig' expiration: type: string expire_analytics_after: format: int64 type: integer external_oauth: $ref: '#/components/schemas/ExternalOAuth' global_rate_limit: $ref: '#/components/schemas/GlobalRateLimit' graphql: $ref: '#/components/schemas/GraphQLConfig' hmac_allowed_algorithms: items: type: string nullable: true type: array hmac_allowed_clock_skew: format: double type: number id: type: string idp_client_id_mapping_disabled: type: boolean internal: type: boolean is_oas: type: boolean jwt_client_base_field: type: string jwt_default_policies: items: type: string nullable: true type: array jwt_expires_at_validation_skew: minimum: 0 type: integer jwt_identity_base_field: type: string jwt_issued_at_validation_skew: minimum: 0 type: integer jwt_not_before_validation_skew: minimum: 0 type: integer jwt_policy_field_name: type: string jwt_scope_claim_name: type: string jwt_scope_to_policy_mapping: additionalProperties: type: string nullable: true type: object jwt_signing_method: type: string jwt_skip_kid: type: boolean jwt_source: type: string listen_port: type: integer name: type: string notifications: $ref: '#/components/schemas/NotificationsManager' oauth_meta: properties: allowed_access_types: items: type: string nullable: true type: array allowed_authorize_types: items: type: string nullable: true type: array auth_login_redirect: type: string type: object openid_options: $ref: '#/components/schemas/OpenIDOptions' org_id: type: string pinned_public_keys: additionalProperties: type: string nullable: true type: object protocol: type: string proxy: $ref: '#/components/schemas/ProxyConfig' request_signing: $ref: '#/components/schemas/RequestSigningMeta' response_processors: items: $ref: '#/components/schemas/ResponseProcessor' nullable: true type: array scopes: $ref: '#/components/schemas/ScopesType2' session_lifetime: format: int64 type: integer session_lifetime_respects_key_expiration: type: boolean session_provider: $ref: '#/components/schemas/SessionProviderMeta' slug: type: string strip_auth_data: type: boolean tag_headers: items: type: string nullable: true type: array tags: items: type: string nullable: true type: array tags_disabled: type: boolean upstream_certificates: additionalProperties: type: string nullable: true type: object upstream_certificates_disabled: type: boolean uptime_tests: $ref: '#/components/schemas/UptimeTests' use_basic_auth: type: boolean use_go_plugin_auth: type: boolean use_keyless: type: boolean use_mutual_tls_auth: type: boolean use_oauth2: type: boolean use_openid: type: boolean use_standard_auth: type: boolean version_data: $ref: '#/components/schemas/VersionData' type: object x-go-package: github.com/TykTechnologies/tyk/apidef APILimit: nullable: true properties: max_query_depth: type: integer per: format: double type: number quota_max: format: int64 type: integer quota_remaining: format: int64 type: integer quota_renewal_rate: format: int64 type: integer quota_renews: format: int64 type: integer rate: format: double type: number set_by_policy: type: boolean smoothing: $ref: '#/components/schemas/RateLimitSmoothing' throttle_interval: format: double type: number throttle_retry_limit: type: integer type: object AccessDefinition: properties: allowance_scope: type: string allowed_types: items: $ref: '#/components/schemas/GraphqlType' nullable: true type: array allowed_urls: items: $ref: '#/components/schemas/AccessSpec' nullable: true type: array api_id: example: d1dfc6a927a046c54c0ed470f19757cc type: string api_name: example: Rate Limit Proxy API type: string disable_introspection: example: false type: boolean endpoints: items: $ref: '#/components/schemas/SessionEndpoint' type: array field_access_rights: items: $ref: '#/components/schemas/FieldAccessDefinition' nullable: true type: array limit: $ref: '#/components/schemas/APILimit' restricted_types: items: $ref: '#/components/schemas/GraphqlType' nullable: true type: array versions: example: - Default - v2 items: type: string nullable: true type: array type: object AccessManagementPayload: properties: userGroupIds: example: - 663a4ed6b6be920001b191aa - 663a4ed6b6be920001b191ab items: type: string type: array userIds: example: - 663b2a835715ecb6edef24e3 - 663a5bbf5715ec8040251f2a items: type: string type: array type: object AccessSpec: properties: methods: example: - GET - PATCH - HEAD - PUT - DELETE items: type: string nullable: true type: array url: example: anything/rate-limit-1-per-5 type: string type: object AggregateAnalyticsData: properties: data: items: $ref: '#/components/schemas/ResultUnit' nullable: true type: array pages: type: integer type: object AllCategoriesResponse: properties: categories: items: $ref: '#/components/schemas/CategoryCount' nullable: true type: array type: object AllKeys: properties: keys: items: type: string nullable: true type: array type: object Allowance: nullable: true properties: enabled: type: boolean ignoreCase: type: boolean type: object AnalyticsPluginConfig: properties: enable: type: boolean func_name: type: string plugin_path: type: string type: object x-go-package: github.com/TykTechnologies/tyk/apidef ApiDefinitionWrapper: properties: api_definition: $ref: '#/components/schemas/APIDefinition' api_model: $ref: '#/components/schemas/ApiModel' categories: $ref: '#/components/schemas/Categories' created_at: format: date-time nullable: true type: string hook_references: items: $ref: '#/components/schemas/HookReference' nullable: true type: array is_site: type: boolean oas: $ref: '#/components/schemas/OAS' sort_by: type: integer updated_at: format: date-time nullable: true type: string user_group_owners: items: type: string nullable: true type: array user_owners: items: type: string nullable: true type: array type: object ApiDefinitionsResponse: properties: apis: items: $ref: '#/components/schemas/ApiDefinitionWrapper' nullable: true type: array pages: type: integer type: object ApiImportByUrlPayload: properties: url: type: string type: object ApiModel: type: object ApiResponse: properties: ID: type: string Message: type: string Meta: {} Status: type: string type: object APIsUsingCertificate: type: object properties: cert_id: type: string apis: type: array items: $ref: '#/components/schemas/APIUsageSummary' pages: type: integer CertUsageType: type: string enum: - client - upstream - server TykApiType: type: string enum: - Tyk Streams - Tyk OAS - Tyk UDG - Subgraph - Supergraph - Tyk GraphQL - TCP - Tyk Classic APIUsageSummary: type: object properties: api_id: type: string name: type: string usage_type: type: array items: $ref: '#/components/schemas/CertUsageType' tyk_api_type: $ref: '#/components/schemas/TykApiType' ApiStatusMessage: properties: message: type: string status: type: string type: object x-go-package: github.com/TykTechnologies/tyk/pkg/alias/gateway Asset: properties: _id: description: database id of asset example: 659b9613a1ed7ef7afdccb9d readOnly: true type: string data: $ref: '#/components/schemas/JSONRawMessage' description: type: string id: description: custom id of asset that can be provided while creation/updating. example: my-unique-template-id type: string kind: default: oas-template description: the asset type, which is set to oas-template enum: - oas-template example: oas-template type: string last_updated: description: last updated time stamp example: "2024-01-10T08:48:36.183Z" format: date-time readOnly: true type: string name: description: human-readable name for the template type: string org_id: type: string type: object AuditLog: properties: _id: example: 672a83e2b0418b224440ce29 type: string req_id: example: 0462e283-a55f-41ab-6482-60d2eeb1858c type: string org_id: example: 5e9d9544a1dcd60001d0ed20 type: string date: example: Tue, 05 Nov 2024 17:45:22 -03 type: string timestamp: example: 1730839522 type: integer ip: example: 127.0.0.1 type: string user: example: jhon@mail.com type: string action: example: List APIS type: string method: example: GET type: string url: example: /api/apis type: string status: example: 200 type: integer type: object AuditLogs: properties: pages: type: integer audit_logs: items: $ref: '#/components/schemas/AuditLog' nullable: true type: array type: object AuthConfig: properties: auth_header_name: type: string cookie_name: type: string disable_header: type: boolean name: type: string param_name: type: string signature: $ref: '#/components/schemas/SignatureConfig' use_certificate: type: boolean use_cookie: type: boolean use_param: type: boolean validate_signature: type: boolean type: object x-go-package: github.com/TykTechnologies/tyk/apidef AuthProviderMeta: properties: meta: additionalProperties: {} nullable: true type: object name: type: string storage_engine: type: string type: object x-go-package: github.com/TykTechnologies/tyk/apidef AuthSource: nullable: true properties: enabled: type: boolean name: type: string type: object AuthSources: properties: cookie: $ref: '#/components/schemas/AuthSource' header: $ref: '#/components/schemas/AuthSource' query: $ref: '#/components/schemas/AuthSource' type: object Authentication: nullable: true properties: baseIdentityProvider: type: string custom: $ref: '#/components/schemas/CustomPluginAuthentication' enabled: type: boolean hmac: $ref: '#/components/schemas/HMAC' oidc: $ref: '#/components/schemas/OIDC' securitySchemes: $ref: '#/components/schemas/SecuritySchemes' stripAuthorizationData: type: boolean type: object AuthenticationPlugin: nullable: true properties: enabled: type: boolean functionName: type: string idExtractor: $ref: '#/components/schemas/IDExtractor' path: type: string rawBodyOnly: type: boolean type: object BooleanQueryParam: example: true type: boolean CORS: nullable: true properties: allowCredentials: type: boolean allowedHeaders: items: type: string type: array allowedMethods: items: type: string type: array allowedOrigins: items: type: string type: array debug: type: boolean enabled: type: boolean exposedHeaders: items: type: string type: array maxAge: type: integer optionsPassthrough: type: boolean type: object CORSConfig: properties: allow_credentials: type: boolean allowed_headers: items: type: string nullable: true type: array allowed_methods: items: type: string nullable: true type: array allowed_origins: items: type: string nullable: true type: array debug: type: boolean enable: type: boolean exposed_headers: items: type: string nullable: true type: array max_age: type: integer options_passthrough: type: boolean type: object x-go-package: github.com/TykTechnologies/tyk/apidef Cache: nullable: true properties: cacheAllSafeRequests: type: boolean cacheByHeaders: items: type: string type: array cacheResponseCodes: items: type: integer type: array controlTTLHeaderName: type: string enableUpstreamCacheControl: type: boolean enabled: type: boolean timeout: format: int64 type: integer type: object CacheMeta: properties: cache_key_regex: type: string cache_response_codes: items: type: integer nullable: true type: array disabled: type: boolean method: type: string path: type: string timeout: format: int64 type: integer type: object x-go-package: github.com/TykTechnologies/tyk/apidef CacheOptions: properties: cache_all_safe_requests: type: boolean cache_by_headers: items: type: string nullable: true type: array cache_control_ttl_header: type: string cache_response_codes: items: type: integer nullable: true type: array cache_timeout: format: int64 type: integer enable_cache: type: boolean enable_upstream_cache_control: type: boolean type: object x-go-package: github.com/TykTechnologies/tyk/apidef CachePlugin: nullable: true properties: cacheByRegex: type: string cacheResponseCodes: items: type: integer type: array enabled: type: boolean timeout: format: int64 type: integer type: object CallbackRef: type: object Callbacks: additionalProperties: $ref: '#/components/schemas/CallbackRef' type: object Categories: items: type: string type: array CategoriesPayload: properties: categories: items: type: string nullable: true type: array type: object CategoryCount: properties: count: example: 3 type: integer name: example: tag1 type: string type: object CertificateBasics: properties: cert_basics: items: $ref: '#/components/schemas/CertsCertificateBasics' nullable: true type: array pages: type: integer type: object CertificateDependencies: properties: certID: example: 5e9d9544a1dcd60001d0ed20a6ab77653d5da938f452bb8cc9b55b0630a6743dabd8dc92bfb025abb09ce035 type: string client_cert_api_names: example: - Ngrok Dashboard API items: type: string nullable: true type: array client_cert_apis: example: - edc9b2bd3e7b4cc55c4ff0a7e1529b45 items: type: string nullable: true type: array key_cert: example: 5e9d9544a1dcd60001d0ed205e9d9544a1dcd60001d0ed20a6ab77653d5da938f452bb8cc9b55b0630a6743dabd8dc92bfb025abb09ce035 type: string upstream_cert_api_names: example: - External HTTPbin items: type: string nullable: true type: array upstream_cert_apis: example: - 627efb71ebae49df7a853b9769b65fce items: type: string nullable: true type: array type: object CertificateDetailedList: properties: certificates: items: $ref: '#/components/schemas/CertsCertificateMeta' nullable: true type: array pages: type: integer type: object CertificateExpiryData: properties: cert_id: type: string expiry_date: type: string days_remaining: type: integer type: object x-go-package: github.com/TykTechnologies/tyk-analytics/dashboard/repository/notification CertificateList: properties: certs: items: type: string nullable: true type: array pages: type: integer type: object CertificatePinning: nullable: true properties: domainToPublicKeysMapping: $ref: '#/components/schemas/PinnedPublicKeys' enabled: type: boolean type: object CertsCertificateBasics: properties: dns_names: items: type: string nullable: true type: array has_private: type: boolean id: type: string is_ca: type: boolean issuer_cn: type: string not_after: format: date-time type: string not_before: format: date-time type: string subject_cn: type: string type: object x-go-package: github.com/TykTechnologies/tyk/certs CertsCertificateMeta: properties: dns_names: items: type: string type: array fingerprint: type: string has_private: type: boolean id: type: string is_ca: type: boolean issuer: $ref: '#/components/schemas/PkixName' not_after: format: date-time type: string not_before: format: date-time type: string subject: $ref: '#/components/schemas/PkixName' type: object x-go-package: github.com/TykTechnologies/tyk/certs CheckCommand: properties: message: type: string name: type: string type: object x-go-package: github.com/TykTechnologies/tyk/apidef CircuitBreaker: nullable: true properties: coolDownPeriod: type: integer enabled: type: boolean halfOpenStateEnabled: type: boolean sampleSize: type: integer threshold: format: double type: number type: object CircuitBreakerMeta: properties: disable_half_open_state: type: boolean disabled: type: boolean method: type: string path: type: string return_to_service_after: type: integer samples: format: int64 type: integer threshold_percent: format: double type: number type: object x-go-package: github.com/TykTechnologies/tyk/apidef ClientCertificates: nullable: true properties: allowlist: items: type: string nullable: true type: array enabled: type: boolean type: object ClientToPolicy: properties: clientId: type: string policyId: type: string type: object Components: nullable: true properties: callbacks: $ref: '#/components/schemas/Callbacks' examples: $ref: '#/components/schemas/Examples' headers: $ref: '#/components/schemas/HeadersType2' links: $ref: '#/components/schemas/Links' parameters: $ref: '#/components/schemas/ParametersMap' requestBodies: $ref: '#/components/schemas/RequestBodies' responses: $ref: '#/components/schemas/Responses' schemas: $ref: '#/components/schemas/Schemas' securitySchemes: $ref: '#/components/schemas/SecuritySchemesType2' type: object Contact: nullable: true properties: email: type: string name: type: string url: type: string type: object ContextVariables: nullable: true properties: enabled: type: boolean type: object CustomPlugin: properties: enabled: type: boolean functionName: type: string path: type: string rawBodyOnly: type: boolean requireSession: type: boolean type: object CustomPluginAuthentication: nullable: true properties: AuthSources: $ref: '#/components/schemas/AuthSources' config: $ref: '#/components/schemas/AuthenticationPlugin' enabled: type: boolean type: object CustomPlugins: items: $ref: '#/components/schemas/CustomPlugin' type: array DatasourceMappingConfiguration: nullable: true properties: disabled: type: boolean path: type: string type: object DatasourceSourceConfig: properties: data_source_config: {} kind: type: string type: object DatasourceTypeFieldConfiguration: properties: data_source: $ref: '#/components/schemas/DatasourceSourceConfig' field_name: type: string mapping: $ref: '#/components/schemas/DatasourceMappingConfiguration' type_name: type: string type: object DcrpRegistration: properties: access_token: type: string client_uri: type: string provider: type: string type: object DetailedActivityLogs: nullable: true properties: enabled: type: boolean type: object DetailedExampleAPIMetadata: properties: api_definition: $ref: '#/components/schemas/APIDefinition' description: type: string features: items: type: string nullable: true type: array location: type: string min_version: type: string name: type: string oas: $ref: '#/components/schemas/OAS' readme: type: string type: object DetailedTracing: nullable: true properties: enabled: type: boolean type: object Domain: nullable: true properties: certificates: items: type: string type: array enabled: type: boolean name: type: string type: object DomainToCertificate: properties: certificate: type: string domain: type: string type: object DryRunRequest: properties: oas: $ref: '#/components/schemas/OpenAPI3Schema' tyk_oas: allOf: - $ref: '#/components/schemas/OpenAPI3Schema' - $ref: '#/components/schemas/TykVendorExtension' type: object EndPointMeta: properties: disabled: type: boolean ignore_case: type: boolean method: type: string method_actions: additionalProperties: $ref: '#/components/schemas/EndpointMethodMeta' type: object path: type: string type: object x-go-package: github.com/TykTechnologies/tyk/apidef EndpointMethodMeta: properties: action: type: string code: type: integer data: type: string headers: additionalProperties: type: string nullable: true type: object type: object x-go-package: github.com/TykTechnologies/tyk/apidef EndpointPostPlugin: properties: enabled: type: boolean functionName: type: string name: type: string path: type: string type: object EndpointPostPlugins: items: $ref: '#/components/schemas/EndpointPostPlugin' type: array EnforceTimeout: nullable: true properties: enabled: type: boolean value: type: integer type: object EntityStats: nullable: true properties: apis: items: $ref: '#/components/schemas/IndividualStats' nullable: true type: array dataplanes: items: $ref: '#/components/schemas/IndividualStats' type: array dataplanes_gateways: items: $ref: '#/components/schemas/IndividualStats' type: array type: object EventHandler: properties: enabled: type: boolean id: type: string name: type: string trigger: type: string type: type: string type: object EventHandlerMetaConfig: properties: events: additionalProperties: items: $ref: '#/components/schemas/EventHandlerTriggerConfig' type: array nullable: true type: object type: object x-go-package: github.com/TykTechnologies/tyk/apidef EventHandlerTriggerConfig: properties: handler_meta: additionalProperties: {} nullable: true type: object handler_name: type: string type: object x-go-package: github.com/TykTechnologies/tyk/apidef EventHandlers: items: $ref: '#/components/schemas/EventHandler' type: array ExampleAPIMetadata: properties: location: example: udg/vat-checker type: string name: example: VAT number checker UDG type: string shortDescription: example: Simple REST API wrapped in GQL using Universal Data Graph that allows user to check validity of a VAT number and display some details about it. type: string type: object ExampleRef: type: object Examples: additionalProperties: $ref: '#/components/schemas/ExampleRef' type: object ExtendedPathsSet: properties: advance_cache_config: items: $ref: '#/components/schemas/CacheMeta' type: array black_list: items: $ref: '#/components/schemas/EndPointMeta' type: array cache: items: type: string type: array circuit_breakers: items: $ref: '#/components/schemas/CircuitBreakerMeta' type: array do_not_track_endpoints: items: $ref: '#/components/schemas/TrackEndpointMeta' type: array go_plugin: items: $ref: '#/components/schemas/GoPluginMeta' type: array hard_timeouts: items: $ref: '#/components/schemas/HardTimeoutMeta' type: array ignored: items: $ref: '#/components/schemas/EndPointMeta' type: array internal: items: $ref: '#/components/schemas/InternalMeta' type: array method_transforms: items: $ref: '#/components/schemas/MethodTransformMeta' type: array mock_response: items: $ref: '#/components/schemas/MockResponseMeta' type: array persist_graphql: items: $ref: '#/components/schemas/PersistGraphQLMeta' nullable: true type: array rate_limit: items: $ref: '#/components/schemas/RateLimitMeta' nullable: true type: array size_limits: items: $ref: '#/components/schemas/RequestSizeMeta' type: array track_endpoints: items: $ref: '#/components/schemas/TrackEndpointMeta' type: array transform: items: $ref: '#/components/schemas/TemplateMeta' type: array transform_headers: items: $ref: '#/components/schemas/HeaderInjectionMeta' type: array transform_jq: items: $ref: '#/components/schemas/TransformJQMeta' type: array transform_jq_response: items: $ref: '#/components/schemas/TransformJQMeta' type: array transform_response: items: $ref: '#/components/schemas/TemplateMeta' type: array transform_response_headers: items: $ref: '#/components/schemas/HeaderInjectionMeta' type: array url_rewrites: items: $ref: '#/components/schemas/URLRewriteMeta' type: array validate_json: items: $ref: '#/components/schemas/ValidatePathMeta' type: array validate_request: items: $ref: '#/components/schemas/ValidateRequestMeta' type: array virtual: items: $ref: '#/components/schemas/VirtualMeta' type: array white_list: items: $ref: '#/components/schemas/EndPointMeta' type: array type: object x-go-package: github.com/TykTechnologies/tyk/apidef ExternalDocs: nullable: true properties: description: type: string url: type: string type: object ExternalOAuth: properties: enabled: type: boolean providers: items: $ref: '#/components/schemas/ProviderType2' nullable: true type: array type: object x-go-package: github.com/TykTechnologies/tyk/apidef FieldAccessDefinition: properties: field_name: type: string limits: $ref: '#/components/schemas/FieldLimits' type_name: type: string type: object FieldLimits: properties: max_query_depth: type: integer type: object FormDataFile: properties: file: $ref: '#/components/schemas/MultipartFile' required: - file type: object FromOASExamples: nullable: true properties: code: type: integer contentType: type: string enabled: type: boolean exampleName: type: string type: object GatewayTags: nullable: true properties: enabled: type: boolean tags: items: type: string nullable: true type: array type: object Global: nullable: true properties: cache: $ref: '#/components/schemas/Cache' contextVariables: $ref: '#/components/schemas/ContextVariables' cors: $ref: '#/components/schemas/CORS' pluginConfig: $ref: '#/components/schemas/PluginConfig' postAuthenticationPlugin: $ref: '#/components/schemas/PostAuthenticationPlugin' postAuthenticationPlugins: $ref: '#/components/schemas/CustomPlugins' postPlugin: $ref: '#/components/schemas/PostPlugin' postPlugins: $ref: '#/components/schemas/CustomPlugins' prePlugin: $ref: '#/components/schemas/PrePlugin' prePlugins: $ref: '#/components/schemas/CustomPlugins' responsePlugin: $ref: '#/components/schemas/ResponsePlugin' responsePlugins: $ref: '#/components/schemas/CustomPlugins' trafficLogs: $ref: '#/components/schemas/TrafficLogs' transformRequestHeaders: $ref: '#/components/schemas/TransformHeaders' transformResponseHeaders: $ref: '#/components/schemas/TransformHeaders' type: object GlobalRateLimit: properties: disabled: type: boolean per: format: double type: number rate: format: double type: number type: object x-go-package: github.com/TykTechnologies/tyk/apidef GoPluginMeta: properties: disabled: type: boolean func_name: type: string method: type: string path: type: string plugin_path: type: string type: object x-go-package: github.com/TykTechnologies/tyk/apidef GraphQLConfig: properties: enabled: type: boolean engine: $ref: '#/components/schemas/GraphQLEngineConfig' execution_mode: type: string introspection: $ref: '#/components/schemas/GraphQLIntrospectionConfig' last_schema_update: format: date-time nullable: true type: string playground: $ref: '#/components/schemas/GraphQLPlayground' proxy: $ref: '#/components/schemas/GraphQLProxyConfig' schema: type: string subgraph: $ref: '#/components/schemas/GraphQLSubgraphConfig' supergraph: $ref: '#/components/schemas/GraphQLSupergraphConfig' type_field_configurations: items: $ref: '#/components/schemas/DatasourceTypeFieldConfiguration' nullable: true type: array version: type: string type: object x-go-package: github.com/TykTechnologies/tyk/apidef GraphQLEngineConfig: properties: data_sources: items: $ref: '#/components/schemas/GraphQLEngineDataSource' nullable: true type: array field_configs: items: $ref: '#/components/schemas/GraphQLFieldConfig' nullable: true type: array global_headers: items: $ref: '#/components/schemas/UDGGlobalHeader' nullable: true type: array type: object x-go-package: github.com/TykTechnologies/tyk/apidef GraphQLEngineDataSource: properties: config: {} internal: type: boolean kind: type: string name: type: string root_fields: items: $ref: '#/components/schemas/GraphQLTypeFields' nullable: true type: array type: object x-go-package: github.com/TykTechnologies/tyk/apidef GraphQLFieldConfig: properties: disable_default_mapping: type: boolean field_name: type: string path: items: type: string nullable: true type: array type_name: type: string type: object x-go-package: github.com/TykTechnologies/tyk/apidef GraphQLIntrospectionConfig: properties: disabled: type: boolean type: object x-go-package: github.com/TykTechnologies/tyk/apidef GraphQLPlayground: properties: enabled: type: boolean path: type: string type: object x-go-package: github.com/TykTechnologies/tyk/apidef GraphQLProxyConfig: properties: auth_headers: additionalProperties: type: string nullable: true type: object features: $ref: '#/components/schemas/GraphQLProxyFeaturesConfig' request_headers: additionalProperties: type: string nullable: true type: object request_headers_rewrite: additionalProperties: $ref: '#/components/schemas/RequestHeadersRewriteConfig' nullable: true type: object subscription_type: type: string use_response_extensions: $ref: '#/components/schemas/GraphQLResponseExtensions' type: object x-go-package: github.com/TykTechnologies/tyk/apidef GraphQLProxyFeaturesConfig: properties: use_immutable_headers: type: boolean type: object x-go-package: github.com/TykTechnologies/tyk/apidef GraphQLResponseExtensions: properties: on_error_forwarding: type: boolean type: object x-go-package: github.com/TykTechnologies/tyk/apidef GraphQLSubgraphConfig: properties: sdl: type: string type: object x-go-package: github.com/TykTechnologies/tyk/apidef GraphQLSubgraphEntity: properties: api_id: type: string headers: additionalProperties: type: string nullable: true type: object name: type: string sdl: type: string subscription_type: type: string url: type: string type: object x-go-package: github.com/TykTechnologies/tyk/apidef GraphQLSupergraphConfig: properties: disable_query_batching: type: boolean global_headers: additionalProperties: type: string nullable: true type: object merged_sdl: type: string subgraphs: items: $ref: '#/components/schemas/GraphQLSubgraphEntity' nullable: true type: array updated_at: format: date-time nullable: true type: string type: object x-go-package: github.com/TykTechnologies/tyk/apidef GraphQLTypeFields: properties: fields: items: type: string nullable: true type: array type: type: string type: object x-go-package: github.com/TykTechnologies/tyk/apidef GraphqlType: properties: fields: items: type: string nullable: true type: array name: type: string type: object HMAC: nullable: true properties: AuthSources: $ref: '#/components/schemas/AuthSources' allowedAlgorithms: items: type: string type: array allowedClockSkew: format: double type: number enabled: type: boolean type: object HardTimeoutMeta: properties: disabled: type: boolean method: type: string path: type: string timeout: type: integer type: object x-go-package: github.com/TykTechnologies/tyk/apidef Header: properties: name: type: string value: type: string type: object HeaderInjectionMeta: properties: act_on: type: boolean add_headers: additionalProperties: type: string nullable: true type: object delete_headers: items: type: string nullable: true type: array disabled: type: boolean method: type: string path: type: string type: object x-go-package: github.com/TykTechnologies/tyk/apidef HeaderRef: type: object Headers: items: $ref: '#/components/schemas/Header' type: array HeadersType2: additionalProperties: $ref: '#/components/schemas/HeaderRef' type: object HookReference: properties: event_name: type: string event_timeout: format: int64 type: integer hook: $ref: '#/components/schemas/WebHookHandlerConf' type: object HostCheckObject: properties: body: type: string commands: items: $ref: '#/components/schemas/CheckCommand' nullable: true type: array enable_proxy_protocol: type: boolean headers: additionalProperties: type: string nullable: true type: object method: type: string protocol: type: string timeout: $ref: '#/components/schemas/TimeDuration' url: type: string type: object x-go-package: github.com/TykTechnologies/tyk/apidef IDExtractor: nullable: true properties: config: $ref: '#/components/schemas/IDExtractorConfig' enabled: type: boolean source: type: string with: type: string type: object IDExtractorConfig: nullable: true properties: formParamName: type: string headerName: type: string regexp: type: string regexpMatchIndex: type: integer xPathExp: type: string type: object IndividualStats: properties: avg_active_usage: example: 13 type: integer avg_usage: example: 15 type: integer date: example: "2023-07-01" type: string license_entitlement: example: 25 type: integer license_entitlement_active: example: 20 type: integer max_active_usage: example: 18 type: integer max_usage: example: 20 type: integer min_active_usage: example: 8 type: integer min_usage: example: 10 type: integer type: object Info: properties: dbId: type: string expiration: type: string id: type: string name: type: string orgId: type: string state: $ref: '#/components/schemas/State' versioning: $ref: '#/components/schemas/Versioning' type: object InfoType2: nullable: true properties: contact: $ref: '#/components/schemas/Contact' description: type: string license: $ref: '#/components/schemas/License' termsOfService: type: string title: type: string version: type: string type: object Internal: nullable: true properties: enabled: type: boolean type: object InternalMeta: properties: disabled: type: boolean method: type: string path: type: string type: object x-go-package: github.com/TykTechnologies/tyk/apidef Introspection: properties: cache: $ref: '#/components/schemas/IntrospectionCache' client_id: type: string client_secret: type: string enabled: type: boolean identity_base_field: type: string url: type: string type: object x-go-package: github.com/TykTechnologies/tyk/apidef IntrospectionCache: properties: enabled: type: boolean timeout: format: int64 type: integer type: object x-go-package: github.com/TykTechnologies/tyk/apidef JSONRawMessage: example: info: title: Our Sample OAS version: 1.0.0 openapi: 3.0.3 paths: /anything: post: operationId: anythingpost responses: "200": description: Post created x-tyk-api-gateway: middleware: global: cache: cacheAllSafeRequests: true enabled: true timeout: 5 operations: anythingpost: requestSizeLimit: enabled: true value: 100 type: object JWTValidation: properties: enabled: type: boolean expires_at_validation_skew: minimum: 0 type: integer identity_base_field: type: string issued_at_validation_skew: minimum: 0 type: integer not_before_validation_skew: minimum: 0 type: integer signing_method: type: string source: type: string type: object x-go-package: github.com/TykTechnologies/tyk/apidef KeyData: properties: api_model: $ref: '#/components/schemas/ApiModel' data: $ref: '#/components/schemas/SessionState' key_hash: example: 41c5cb1e type: string key_id: example: 5e9d9544a1dcd60001d0ed20e7f75f9e03534825b7aef9df749582e5 type: string type: object Keys: properties: data: $ref: '#/components/schemas/AllKeys' pages: type: integer type: object KeysDetailed: properties: keys: items: $ref: '#/components/schemas/KeyData' nullable: true type: array pages: type: integer type: object License: nullable: true properties: name: type: string url: type: string type: object LinkRef: type: object Links: additionalProperties: $ref: '#/components/schemas/LinkRef' type: object ListenPath: properties: strip: type: boolean value: type: string type: object MethodTransformMeta: properties: disabled: type: boolean method: type: string path: type: string to_method: type: string type: object x-go-package: github.com/TykTechnologies/tyk/apidef Middleware: nullable: true properties: global: $ref: '#/components/schemas/Global' operations: $ref: '#/components/schemas/Operations' type: object MiddlewareDefinition: properties: disabled: type: boolean name: type: string path: type: string raw_body_only: type: boolean require_session: type: boolean type: object x-go-package: github.com/TykTechnologies/tyk/apidef MiddlewareIdExtractor: properties: disabled: type: boolean extract_from: type: string extract_with: type: string extractor_config: additionalProperties: {} nullable: true type: object type: object x-go-package: github.com/TykTechnologies/tyk/apidef MiddlewareSection: properties: auth_check: $ref: '#/components/schemas/MiddlewareDefinition' driver: type: string id_extractor: $ref: '#/components/schemas/MiddlewareIdExtractor' post: items: $ref: '#/components/schemas/MiddlewareDefinition' nullable: true type: array post_key_auth: items: $ref: '#/components/schemas/MiddlewareDefinition' nullable: true type: array pre: items: $ref: '#/components/schemas/MiddlewareDefinition' nullable: true type: array response: items: $ref: '#/components/schemas/MiddlewareDefinition' nullable: true type: array type: object x-go-package: github.com/TykTechnologies/tyk/apidef MockResponse: nullable: true properties: body: type: string code: type: integer enabled: type: boolean fromOASExamples: $ref: '#/components/schemas/FromOASExamples' headers: $ref: '#/components/schemas/Headers' type: object MockResponseMeta: properties: body: type: string code: type: integer disabled: type: boolean headers: additionalProperties: type: string nullable: true type: object ignore_case: type: boolean method: type: string path: type: string type: object x-go-package: github.com/TykTechnologies/tyk/apidef MultipartFile: format: binary nullable: true type: string MutualTLS: nullable: true properties: domainToCertificateMapping: items: $ref: '#/components/schemas/DomainToCertificate' nullable: true type: array enabled: type: boolean type: object NewAdditionalPermissions: properties: additional_permissions: additionalProperties: type: string example: api_developer: API Developer api_manager: API Manager custom_permission: Custom Permission nullable: true type: object type: object NewClientRequest: properties: api_id: type: string api_model: $ref: '#/components/schemas/ApiModel' client_id: type: string client_name: type: string description: type: string meta_data: {} policy_id: type: string redirect_uri: type: string secret: type: string type: object NewOPARules: properties: open_policy: properties: rules: type: string type: object type: object NotificationsManager: properties: oauth_on_keychange_url: type: string shared_secret: type: string type: object x-go-package: github.com/TykTechnologies/tyk/apidef OAS: nullable: true properties: components: $ref: '#/components/schemas/Components' externalDocs: $ref: '#/components/schemas/ExternalDocs' info: $ref: '#/components/schemas/InfoType2' openapi: type: string paths: $ref: '#/components/schemas/Paths' security: $ref: '#/components/schemas/SecurityRequirements' servers: $ref: '#/components/schemas/Servers' tags: $ref: '#/components/schemas/Tags' type: object OASSchemaResponse: properties: message: type: string schema: {} status: type: string type: object x-go-package: github.com/TykTechnologies/tyk/pkg/alias/gateway OASServerURLsResponse: description: Response containing Tyk-generated server URLs for a Tyk OAS API properties: api_id: description: The ID of the API type: string example: "4c1c0d8fc885401053ddac4e39ef676b" urls: description: Array of URL components for each Tyk-generated server URL type: array items: $ref: '#/components/schemas/URLComponents' required: - api_id - urls type: object x-go-package: github.com/TykTechnologies/tyk-analytics/dashboard URLComponents: description: Decomposed components of a server URL including protocol, domain, paths, and versioning information properties: protocol: description: HTTP scheme (http or https) type: string example: "https" domain: description: Hostname (gateway domain or custom domain if configured) type: string example: "api.example.com" port: description: Port number (null for standard ports 80/443) type: integer nullable: true example: 8080 listen_path: description: Base path from API configuration type: string example: "my-api" endpoint_path: description: Version-specific path segment (e.g., "v1", "v2"), empty for non-versioned or header/query param versioned APIs type: string example: "v1" query_parameters: description: Query parameters required for version routing (populated for url-param versioning) type: array items: $ref: '#/components/schemas/QueryParameter' headers: description: Headers required for version routing (populated for header versioning) type: array items: $ref: '#/components/schemas/HeaderParameter' url: description: Complete reconstructed URL type: string example: "https://api.example.com/my-api/v1" required: - protocol - domain - listen_path - url type: object x-go-package: github.com/TykTechnologies/tyk-analytics/dashboard QueryParameter: description: Query parameter name-value pair properties: name: description: Query parameter name (e.g., "version") type: string example: "version" value: description: Query parameter value (e.g., "v1") type: string example: "v1" required: - name - value type: object x-go-package: github.com/TykTechnologies/tyk-analytics/dashboard HeaderParameter: description: HTTP header name-value pair properties: name: description: Header name (e.g., "X-API-Version") type: string example: "X-API-Version" value: description: Header value (e.g., "v1") type: string example: "v1" required: - name - value type: object x-go-package: github.com/TykTechnologies/tyk-analytics/dashboard AllApidefSchemasResponse: properties: message: type: string schemas: properties: oas: {} streamsOAS: {} status: type: string type: object x-go-package: github.com/TykTechnologies/tyk-analytics/dashboard OAuthApps: properties: apps: items: $ref: '#/components/schemas/OAuthClient' nullable: true type: array pages: type: integer type: object OAuthClient: properties: client_id: type: string client_name: type: string dcr_registration: $ref: '#/components/schemas/DcrpRegistration' description: type: string meta_data: additionalProperties: type: string type: object policy_id: type: string redirect_uri: type: string secret: type: string type: object OAuthClientToken: properties: code: type: string expires: format: int64 type: integer type: object OAuthClientTokens: items: $ref: '#/components/schemas/OAuthClientToken' nullable: true type: array OIDC: nullable: true properties: AuthSources: $ref: '#/components/schemas/AuthSources' enabled: type: boolean providers: items: $ref: '#/components/schemas/Provider' type: array scopes: $ref: '#/components/schemas/Scopes' segregateByClientId: type: boolean type: object OIDProviderConfig: properties: client_ids: additionalProperties: type: string nullable: true type: object issuer: type: string type: object x-go-package: github.com/TykTechnologies/tyk/apidef OpenIDOptions: properties: providers: items: $ref: '#/components/schemas/OIDProviderConfig' nullable: true type: array segregate_by_client: type: boolean type: object x-go-package: github.com/TykTechnologies/tyk/apidef Operation: properties: allow: $ref: '#/components/schemas/Allowance' block: $ref: '#/components/schemas/Allowance' cache: $ref: '#/components/schemas/CachePlugin' circuitBreaker: $ref: '#/components/schemas/CircuitBreaker' doNotTrackEndpoint: $ref: '#/components/schemas/TrackEndpoint' enforceTimeout: $ref: '#/components/schemas/EnforceTimeout' ignoreAuthentication: $ref: '#/components/schemas/Allowance' internal: $ref: '#/components/schemas/Internal' mockResponse: $ref: '#/components/schemas/MockResponse' postPlugins: $ref: '#/components/schemas/EndpointPostPlugins' rateLimit: $ref: '#/components/schemas/RateLimitEndpoint' requestSizeLimit: $ref: '#/components/schemas/RequestSizeLimit' trackEndpoint: $ref: '#/components/schemas/TrackEndpoint' transformRequestBody: $ref: '#/components/schemas/TransformBody' transformRequestHeaders: $ref: '#/components/schemas/TransformHeaders' transformRequestMethod: $ref: '#/components/schemas/TransformRequestMethod' transformResponseBody: $ref: '#/components/schemas/TransformBody' transformResponseHeaders: $ref: '#/components/schemas/TransformHeaders' urlRewrite: $ref: '#/components/schemas/URLRewrite' validateRequest: $ref: '#/components/schemas/ValidateRequest' virtualEndpoint: $ref: '#/components/schemas/VirtualEndpoint' type: object OperationType2: nullable: true properties: callbacks: $ref: '#/components/schemas/Callbacks' deprecated: type: boolean description: type: string externalDocs: $ref: '#/components/schemas/ExternalDocs' operationId: type: string parameters: $ref: '#/components/schemas/Parameters' requestBody: $ref: '#/components/schemas/RequestBodyRef' responses: $ref: '#/components/schemas/Responses' security: $ref: '#/components/schemas/SecurityRequirements' servers: $ref: '#/components/schemas/Servers' summary: type: string tags: items: type: string type: array type: object Operations: additionalProperties: $ref: '#/components/schemas/Operation' type: object ParameterRef: type: object Parameters: items: $ref: '#/components/schemas/ParameterRef' type: array ParametersMap: additionalProperties: $ref: '#/components/schemas/ParameterRef' type: object OrganisationNotification: properties: id: type: string created_at: type: string org_id: type: string hash: type: string kind: type: string enum: [ "critical", "warning" ] topic: type: string enum: [ "certificate.expiry" ] title: type: string message: type: string data: oneOf: - $ref: "#/components/schemas/CertificateExpiryData" type: object x-go-package: github.com/TykTechnologies/tyk-analytics/dashboard/model PathItem: properties: $ref: type: string connect: $ref: '#/components/schemas/OperationType2' delete: $ref: '#/components/schemas/OperationType2' description: type: string get: $ref: '#/components/schemas/OperationType2' head: $ref: '#/components/schemas/OperationType2' options: $ref: '#/components/schemas/OperationType2' parameters: $ref: '#/components/schemas/Parameters' patch: $ref: '#/components/schemas/OperationType2' post: $ref: '#/components/schemas/OperationType2' put: $ref: '#/components/schemas/OperationType2' servers: $ref: '#/components/schemas/Servers' summary: type: string trace: $ref: '#/components/schemas/OperationType2' type: object Paths: additionalProperties: $ref: '#/components/schemas/PathItem' type: object PersistGraphQLMeta: properties: method: type: string operation: type: string path: type: string variables: additionalProperties: {} nullable: true type: object type: object x-go-package: github.com/TykTechnologies/tyk/apidef PinnedPublicKey: properties: domain: type: string publicKeys: items: type: string nullable: true type: array type: object PinnedPublicKeys: items: $ref: '#/components/schemas/PinnedPublicKey' nullable: true type: array PkixName: type: object PluginBundle: nullable: true properties: enabled: type: boolean path: type: string type: object PluginConfig: nullable: true properties: bundle: $ref: '#/components/schemas/PluginBundle' data: $ref: '#/components/schemas/PluginConfigData' driver: type: string type: object PluginConfigData: nullable: true properties: enabled: type: boolean value: additionalProperties: {} nullable: true type: object type: object Policy: properties: _id: type: string access_rights: additionalProperties: $ref: '#/components/schemas/AccessDefinition' nullable: true type: object active: type: boolean date_created: format: date-time type: string hmac_enabled: type: boolean id: type: string is_inactive: type: boolean key_expires_in: format: int64 type: integer last_updated: type: string max_query_depth: type: integer meta_data: additionalProperties: {} nullable: true type: object name: type: string org_id: type: string partitions: properties: acl: type: boolean complexity: type: boolean per_api: type: boolean quota: type: boolean rate_limit: type: boolean type: object per: format: double type: number quota_max: format: int64 type: integer quota_renewal_rate: format: int64 type: integer rate: format: double type: number smoothing: $ref: '#/components/schemas/RateLimitSmoothing' tags: items: type: string nullable: true type: array throttle_interval: format: double type: number throttle_retry_limit: type: integer type: object PolicyList: items: $ref: '#/components/schemas/Policy' nullable: true type: array PostAuthenticationPlugin: nullable: true properties: plugins: $ref: '#/components/schemas/CustomPlugins' type: object PostPlugin: nullable: true properties: plugins: $ref: '#/components/schemas/CustomPlugins' type: object PrePlugin: nullable: true properties: plugins: $ref: '#/components/schemas/CustomPlugins' type: object Provider: properties: clientToPolicyMapping: items: $ref: '#/components/schemas/ClientToPolicy' type: array issuer: type: string type: object ProviderType2: properties: introspection: $ref: '#/components/schemas/Introspection' jwt: $ref: '#/components/schemas/JWTValidation' type: object x-go-package: github.com/TykTechnologies/tyk/apidef ProxyConfig: properties: check_host_against_uptime_tests: type: boolean disable_strip_slash: type: boolean enable_load_balancing: type: boolean listen_path: type: string preserve_host_header: type: boolean service_discovery: $ref: '#/components/schemas/ServiceDiscoveryConfiguration' strip_listen_path: type: boolean target_list: items: type: string nullable: true type: array target_url: type: string transport: properties: proxy_url: type: string ssl_ciphers: items: type: string nullable: true type: array ssl_force_common_name_check: type: boolean ssl_insecure_skip_verify: type: boolean ssl_max_version: minimum: 0 type: integer ssl_min_version: minimum: 0 type: integer type: object type: object x-go-package: github.com/TykTechnologies/tyk/apidef RateLimit: nullable: true properties: enabled: type: boolean per: $ref: '#/components/schemas/TimeReadableDuration' rate: type: integer type: object RateLimitEndpoint: nullable: true properties: enabled: type: boolean per: $ref: '#/components/schemas/TimeReadableDuration' rate: type: integer type: object RateLimitMeta: properties: disabled: type: boolean method: type: string path: type: string per: format: double type: number rate: format: double type: number type: object x-go-package: github.com/TykTechnologies/tyk/apidef RateLimitSmoothing: nullable: true properties: delay: description: Delay is a hold-off between smoothing events and controls how frequently the current allowance will step up or down (in seconds). format: int64 minimum: 1 type: integer enabled: description: ' Enabled indicates if rate limit smoothing is active.' type: boolean step: description: Step is the increment by which the current allowance will be increased or decreased each time a smoothing event is emitted. format: int64 minimum: 1 type: integer threshold: description: Threshold is the initial rate limit beyond which smoothing will be applied. It is a count of requests during the per interval and should be less than the maximum configured rate. format: int64 minimum: 1 type: integer trigger: description: Trigger is a fraction (typically in the range 0.1-1.0) of the step at which point a smoothing event will be emitted as the request rate approaches the current allowance. format: double minimum: 0 multipleOf: 0.01 type: number type: object RequestBodies: additionalProperties: $ref: '#/components/schemas/RequestBodyRef' type: object RequestBodyRef: type: object RequestHeadersRewriteConfig: properties: remove: type: boolean value: type: string type: object x-go-package: github.com/TykTechnologies/tyk/apidef RequestSigningMeta: properties: algorithm: type: string certificate_id: type: string header_list: items: type: string nullable: true type: array is_enabled: type: boolean key_id: type: string secret: type: string signature_header: type: string type: object x-go-package: github.com/TykTechnologies/tyk/apidef RequestSizeLimit: nullable: true properties: enabled: type: boolean value: format: int64 type: integer type: object RequestSizeMeta: properties: disabled: type: boolean method: type: string path: type: string size_limit: format: int64 type: integer type: object x-go-package: github.com/TykTechnologies/tyk/apidef ResponsePlugin: nullable: true properties: plugins: $ref: '#/components/schemas/CustomPlugins' type: object ResponseProcessor: properties: name: type: string options: {} type: object x-go-package: github.com/TykTechnologies/tyk/apidef ResponseRef: type: object Responses: additionalProperties: $ref: '#/components/schemas/ResponseRef' type: object ResultId: properties: alias: type: string api_id: example: 7364617cc7d345d9755d182635dfd46d type: string api_name: example: OAS http type: string code: type: integer day: example: 12 type: integer hour: example: 0 type: integer iso_country: type: string key: type: string month: example: 6 type: integer path: type: string queries: additionalProperties: type: integer type: object url: type: string year: example: 2024 type: integer type: object ResultUnit: properties: error: example: 4 type: integer hits: example: 26 type: integer id: $ref: '#/components/schemas/ResultId' last_hit: example: "2024-06-19T06:33:30Z" format: date-time type: string latency: example: 0 format: double type: number max_latency: example: 0 format: int64 type: integer max_upstream_latency: example: 0 format: int64 type: integer min_latency: example: 0 format: int64 type: integer min_upstream_latency: example: 0 format: int64 type: integer request_time: example: 190.2 format: double type: number success: example: 22 type: integer upstream_latency: example: 0 format: double type: number type: object ReturnDataStruct: properties: Data: $ref: '#/components/schemas/PolicyList' Pages: type: integer type: object RoutingTrigger: properties: "on": type: string options: $ref: '#/components/schemas/RoutingTriggerOptions' rewrite_to: type: string type: object x-go-package: github.com/TykTechnologies/tyk/apidef RoutingTriggerOptions: properties: header_matches: additionalProperties: $ref: '#/components/schemas/StringRegexMap' nullable: true type: object path_part_matches: additionalProperties: $ref: '#/components/schemas/StringRegexMap' nullable: true type: object payload_matches: $ref: '#/components/schemas/StringRegexMap' query_val_matches: additionalProperties: $ref: '#/components/schemas/StringRegexMap' nullable: true type: object request_context_matches: additionalProperties: $ref: '#/components/schemas/StringRegexMap' nullable: true type: object session_meta_matches: additionalProperties: $ref: '#/components/schemas/StringRegexMap' nullable: true type: object type: object x-go-package: github.com/TykTechnologies/tyk/apidef SSOAccessData: properties: DisplayName: type: string EmailAddress: type: string ForSection: enum: - dashboard - portal type: string GroupID: type: string OrgID: type: string SSOOnlyForRegisteredUsers: type: boolean UserNotAllowed: type: boolean type: object SchemaRef: type: object Schemas: additionalProperties: $ref: '#/components/schemas/SchemaRef' type: object ScopeClaim: properties: scope_claim_name: type: string scope_to_policy: additionalProperties: type: string type: object type: object x-go-package: github.com/TykTechnologies/tyk/apidef ScopeToPolicy: properties: policyId: type: string scope: type: string type: object Scopes: nullable: true properties: claimName: type: string scopeToPolicyMapping: items: $ref: '#/components/schemas/ScopeToPolicy' type: array type: object ScopesType2: properties: jwt: $ref: '#/components/schemas/ScopeClaim' oidc: $ref: '#/components/schemas/ScopeClaim' type: object x-go-package: github.com/TykTechnologies/tyk/apidef SecurityRequirement: additionalProperties: items: type: string type: array type: object SecurityRequirements: items: $ref: '#/components/schemas/SecurityRequirement' nullable: true type: array SecuritySchemeRef: type: object SecuritySchemes: additionalProperties: {} type: object SecuritySchemesType2: additionalProperties: $ref: '#/components/schemas/SecuritySchemeRef' type: object Server: properties: authentication: $ref: '#/components/schemas/Authentication' clientCertificates: $ref: '#/components/schemas/ClientCertificates' customDomain: $ref: '#/components/schemas/Domain' detailedActivityLogs: $ref: '#/components/schemas/DetailedActivityLogs' detailedTracing: $ref: '#/components/schemas/DetailedTracing' eventHandlers: $ref: '#/components/schemas/EventHandlers' gatewayTags: $ref: '#/components/schemas/GatewayTags' listenPath: $ref: '#/components/schemas/ListenPath' type: object ServerType2: properties: description: type: string url: type: string variables: additionalProperties: $ref: '#/components/schemas/ServerVariable' type: object type: object ServerVariable: properties: default: type: string description: type: string enum: items: type: string type: array type: object Servers: items: $ref: '#/components/schemas/ServerType2' nullable: true type: array ServiceDiscovery: nullable: true properties: cache: $ref: '#/components/schemas/ServiceDiscoveryCache' cacheTimeout: format: int64 type: integer dataPath: type: string enabled: type: boolean endpointReturnsList: type: boolean parentDataPath: type: string portDataPath: type: string queryEndpoint: type: string targetPath: type: string useNestedQuery: type: boolean useTargetList: type: boolean type: object ServiceDiscoveryCache: nullable: true properties: enabled: type: boolean timeout: format: int64 type: integer type: object ServiceDiscoveryConfiguration: properties: cache_disabled: type: boolean cache_timeout: format: int64 type: integer data_path: type: string endpoint_returns_list: type: boolean parent_data_path: type: string port_data_path: type: string query_endpoint: type: string target_path: type: string use_discovery_service: type: boolean use_nested_query: type: boolean use_target_list: type: boolean type: object x-go-package: github.com/TykTechnologies/tyk/apidef SessionEndpoint: properties: methods: items: $ref: '#/components/schemas/SessionEndpointMethod' type: array path: type: string type: object SessionEndpointMethod: properties: limit: $ref: '#/components/schemas/SessionEndpointRateLimit' name: type: string type: object SessionEndpointRateLimit: properties: per: format: int64 type: integer rate: format: int64 type: integer type: object SessionProviderMeta: properties: meta: additionalProperties: {} nullable: true type: object name: type: string storage_engine: type: string type: object x-go-package: github.com/TykTechnologies/tyk/apidef SessionState: properties: access_rights: additionalProperties: $ref: '#/components/schemas/AccessDefinition' nullable: true type: object alias: example: portal-developer@example.org type: string allowance: example: 1000 format: double type: number apply_policies: example: - 641c15dd0fffb800010197bf - 615d2e528bf3980001c7c6c2 items: type: string nullable: true type: array apply_policy_id: deprecated: true description: deprecated use apply_policies going forward instead to send a list of policies ids example: 641c15dd0fffb800010197bf type: string basic_auth_data: properties: hash_type: example: bcrypt type: string password: example: testuse1 type: string user: example: admin-user@example.org type: string type: object certificate: type: string data_expires: example: 0 format: int64 type: integer date_created: example: "2024-05-14T13:15:46.560506+03:00" format: date-time type: string enable_detailed_recording: example: true type: boolean expires: example: 1.716895221e+09 format: int64 type: integer hmac_enabled: example: false type: boolean hmac_string: type: string id_extractor_deadline: example: 0 format: int64 type: integer is_inactive: type: boolean jwt_data: properties: secret: type: string type: object key_id: type: string last_check: example: 0 format: int64 type: integer last_updated: example: "1715681746" type: string max_query_depth: example: 5 type: integer meta_data: example: tyk_developer_id: 62b3fb9a1d5e4f00017226f5 monitor: properties: trigger_limits: example: - 80 - 60 - 50 items: format: double type: number nullable: true type: array type: object oauth_client_id: type: string oauth_keys: additionalProperties: type: string nullable: true type: object org_id: example: 5e9d9544a1dcd60001d0ed20 type: string per: example: 60 format: double type: number quota_max: example: 1.710302205e+09 format: int64 type: integer quota_remaining: example: 20000 format: int64 type: integer quota_renewal_rate: example: -1 format: int64 type: integer quota_renews: example: 1.715681745e+09 format: int64 type: integer rate: example: 1000 format: double type: number session_lifetime: example: 0 format: int64 type: integer smoothing: $ref: '#/components/schemas/RateLimitSmoothing' tags: example: - edge - edge-eu items: type: string nullable: true type: array throttle_interval: example: 10 format: double type: number throttle_retry_limit: example: -1 type: integer type: object SignatureConfig: properties: algorithm: type: string allowed_clock_skew: format: int64 type: integer error_code: type: integer error_message: type: string header: type: string param_name: type: string secret: type: string use_param: type: boolean type: object x-go-package: github.com/TykTechnologies/tyk/apidef State: properties: active: type: boolean internal: type: boolean type: object StringRegexMap: properties: match_rx: type: string reverse: type: boolean type: object x-go-package: github.com/TykTechnologies/tyk/apidef SystemStatsResp: properties: message: type: string stats: $ref: '#/components/schemas/EntityStats' status: example: Success type: string type: object Tag: properties: description: type: string externalDocs: $ref: '#/components/schemas/ExternalDocs' name: type: string type: object Tags: items: $ref: '#/components/schemas/Tag' type: array TemplateData: properties: enable_session: type: boolean input_type: type: string template_mode: type: string template_source: type: string type: object x-go-package: github.com/TykTechnologies/tyk/apidef TemplateMeta: properties: disabled: type: boolean method: type: string path: type: string template_data: $ref: '#/components/schemas/TemplateData' type: object x-go-package: github.com/TykTechnologies/tyk/apidef Test: nullable: true properties: serviceDiscovery: $ref: '#/components/schemas/ServiceDiscovery' type: object TimeDuration: format: duration type: string example: "30s" TimeReadableDuration: format: duration type: string example: PT2H30M15S TrackEndpoint: nullable: true properties: enabled: type: boolean type: object TrackEndpointMeta: properties: disabled: type: boolean method: type: string path: type: string type: object x-go-package: github.com/TykTechnologies/tyk/apidef TrafficLogs: nullable: true properties: enabled: type: boolean type: object TransformBody: nullable: true properties: body: type: string enabled: type: boolean format: type: string path: type: string type: object TransformHeaders: nullable: true properties: add: $ref: '#/components/schemas/Headers' enabled: type: boolean remove: items: type: string type: array type: object TransformJQMeta: properties: filter: type: string method: type: string path: type: string type: object x-go-package: github.com/TykTechnologies/tyk/apidef TransformRequestMethod: nullable: true properties: enabled: type: boolean toMethod: type: string type: object UDGGlobalHeader: properties: key: type: string value: type: string type: object x-go-package: github.com/TykTechnologies/tyk/apidef URLRewrite: nullable: true properties: enabled: type: boolean pattern: type: string rewriteTo: type: string triggers: items: $ref: '#/components/schemas/URLRewriteTrigger' type: array type: object URLRewriteMeta: properties: disabled: type: boolean match_pattern: type: string method: type: string path: type: string rewrite_to: type: string triggers: items: $ref: '#/components/schemas/RoutingTrigger' nullable: true type: array type: object x-go-package: github.com/TykTechnologies/tyk/apidef URLRewriteRule: properties: in: type: string name: type: string negate: type: boolean pattern: type: string type: object URLRewriteTrigger: properties: condition: type: string rewriteTo: type: string rules: items: $ref: '#/components/schemas/URLRewriteRule' type: array type: object URLVals: properties: ApiURL: type: string BasePath: type: string Host: type: string type: object Upstream: properties: certificatePinning: $ref: '#/components/schemas/CertificatePinning' mutualTLS: $ref: '#/components/schemas/MutualTLS' rateLimit: $ref: '#/components/schemas/RateLimit' serviceDiscovery: $ref: '#/components/schemas/ServiceDiscovery' test: $ref: '#/components/schemas/Test' url: type: string type: object UptimeTests: properties: check_list: items: $ref: '#/components/schemas/HostCheckObject' nullable: true type: array config: $ref: '#/components/schemas/UptimeTestsConfig' type: object x-go-package: github.com/TykTechnologies/tyk/apidef UptimeTestsConfig: properties: expire_utime_after: format: int64 type: integer recheck_wait: type: integer service_discovery: $ref: '#/components/schemas/ServiceDiscoveryConfiguration' type: object x-go-package: github.com/TykTechnologies/tyk/apidef User: properties: access_key: example: d7ebef749e4348cb67fec3cfc81f0a50 type: string active: example: true type: boolean api_model: $ref: '#/components/schemas/ApiModel' created_at: example: "2024-05-19T08:23:29.034+03:00" format: date-time type: string email_address: example: multi-org-user@example.org type: string first_name: example: itachi type: string group_id: example: 5e9d9544a1dcd60001d0ed20 type: string id: example: 66498cd1e2fcd1000184ecb5 type: string last_login_date: example: "2024-05-19T08:42:22.659839+03:00" format: date-time type: string last_name: example: sasuke type: string org_id: example: 5e9d9544a1dcd60001d0ed20 type: string password_max_days: example: 0 type: integer password_updated: example: "2024-05-19T08:23:29.146+03:00" format: date-time type: string user_permissions: $ref: '#/components/schemas/UserPermissionObject' required: - first_name - last_name - email_address - user_permissions type: object UserGroup: properties: active: example: true type: boolean description: example: Devops logs and analytics access type: string id: example: 6649986d5715ec4c96cbef2b type: string name: example: 66498cd1e2fcd1000184ecb8 type: string org_id: example: 5e9d9544a1dcd60001d0ed20 type: string password_max_days: example: 0 type: integer user_permissions: $ref: '#/components/schemas/UserPermissionObject' type: object UserGroups: properties: groups: items: $ref: '#/components/schemas/UserGroup' nullable: true type: array pages: type: integer type: object UserPassword: properties: api_model: $ref: '#/components/schemas/ApiModel' current_password: example: testuser1password minLength: 6 type: string new_password: example: newtestuser1password minLength: 6 type: string type: object UserPermissionObject: additionalProperties: type: string type: object UserSearchPayload: properties: filters: properties: query: example: itachi@tyk.io type: string type: object type: object Users: properties: pages: type: integer users: items: $ref: '#/components/schemas/User' nullable: true type: array type: object ValidatePathMeta: properties: disabled: type: boolean error_response_code: type: integer method: type: string path: type: string schema: additionalProperties: {} nullable: true type: object schema_b64: type: string type: object x-go-package: github.com/TykTechnologies/tyk/apidef ValidateRequest: nullable: true properties: enabled: type: boolean errorResponseCode: type: integer type: object ValidateRequestMeta: properties: enabled: type: boolean error_response_code: type: integer method: type: string path: type: string type: object x-go-package: github.com/TykTechnologies/tyk/apidef VersionData: properties: default_version: type: string not_versioned: type: boolean versions: additionalProperties: $ref: '#/components/schemas/VersionInfo' nullable: true type: object type: object x-go-package: github.com/TykTechnologies/tyk/apidef VersionDefinition: properties: default: type: string enabled: type: boolean fallback_to_default: type: boolean key: type: string location: type: string name: type: string strip_path: type: boolean strip_versioning_data: type: boolean url_versioning_pattern: type: string versions: additionalProperties: type: string nullable: true type: object type: object x-go-package: github.com/TykTechnologies/tyk/apidef VersionInfo: properties: expires: type: string extended_paths: $ref: '#/components/schemas/ExtendedPathsSet' global_headers: additionalProperties: type: string nullable: true type: object global_headers_disabled: type: boolean global_headers_remove: items: type: string nullable: true type: array global_response_headers: additionalProperties: type: string nullable: true type: object global_response_headers_disabled: type: boolean global_response_headers_remove: items: type: string nullable: true type: array global_size_limit: format: int64 type: integer ignore_endpoint_case: type: boolean name: type: string override_target: type: string paths: properties: black_list: items: type: string nullable: true type: array ignored: items: type: string nullable: true type: array white_list: items: type: string nullable: true type: array type: object use_extended_paths: type: boolean type: object x-go-package: github.com/TykTechnologies/tyk/apidef VersionMeta: properties: expirationDate: type: string id: type: string internal: type: boolean isDefaultVersion: type: boolean name: type: string versionName: type: string type: object VersionMetas: properties: apis: items: $ref: '#/components/schemas/VersionMeta' nullable: true type: array pages: type: integer type: object VersionToID: properties: id: type: string name: type: string type: object Versioning: nullable: true properties: default: type: string enabled: type: boolean fallbackToDefault: type: boolean key: type: string location: type: string name: type: string stripVersioningData: type: boolean urlVersioningPattern: type: string versions: items: $ref: '#/components/schemas/VersionToID' nullable: true type: array type: object VirtualEndpoint: nullable: true properties: body: type: string enabled: type: boolean functionName: type: string name: type: string path: type: string proxyOnError: type: boolean requireSession: type: boolean type: object VirtualMeta: properties: disabled: type: boolean function_source_type: type: string function_source_uri: type: string method: type: string path: type: string proxy_on_error: type: boolean response_function_name: type: string use_session: type: boolean type: object x-go-package: github.com/TykTechnologies/tyk/apidef WebHookHandlerConf: properties: api_model: $ref: '#/components/schemas/ApiModel' event_timeout: example: 0 format: int64 type: integer header_map: additionalProperties: type: string example: secret: superscretkey x-auth: authvalue nullable: true type: object id: example: 664b613f5715ec4c96cbef3e type: string method: example: POST type: string name: example: Expired Keys webhook type: string org_id: example: 5e9d9544a1dcd60001d0ed20 type: string target_path: example: https://httpbin.org/expired-keys type: string template_path: example: templates/default_webhook.json type: string webhook_id: example: 1f78e319202b430e92286cff3ca759e3 type: string required: - method - target_path type: object WebHooks: properties: hooks: items: $ref: '#/components/schemas/WebHookHandlerConf' nullable: true type: array pages: type: integer type: object XTykAPIGateway: properties: info: $ref: '#/components/schemas/Info' middleware: $ref: '#/components/schemas/Middleware' server: $ref: '#/components/schemas/Server' upstream: $ref: '#/components/schemas/Upstream' type: object TykVendorExtension: properties: x-tyk-api-gateway: $ref: '#/components/schemas/XTykAPIGateway' type: object XTykStreaming: properties: x-tyk-streaming: type: object properties: streams: type: object additionalProperties: true #to be added MigrateAPIRequest: type: object required: - mode properties: apiIDs: type: array items: type: string description: List of API IDs to migrate. Cannot be used together with 'all' all: type: boolean description: Migrate all APIs. Cannot be used together with 'apiIDs' abortOnFailure: type: boolean description: Stop migration process on first failure mode: type: string enum: - dryRun - stage - promote - direct description: Migration mode to use overrideStaged: type: boolean description: When mode is staged and overrideStaged is set to true, migration process will overwrite already existing staged API with the same staged ID MigrateAPIResponse: description: migration API response object type: object properties: success: description: reports details of APIs migrated successfully type: object properties: count: description: count of APIs migrated successfully type: integer apiIDs: description: list of API IDs migrated successfully type: array items: type: string stagedAPIs: description: reports the details of APIs staged in stage mode type: array items: type: object properties: classicAPIID: type: string oasAPIID: type: string definitions: type: array items: type: object properties: apiID: type: string baseAPI: description: contains the migrated base API in Tyk OAS format type: object versions: description: contains the versioned API definitions in Tyk OAS format type: array items: type: object failure: description: reports the details of failed API migrations type: object properties: count: description: count of APIs failed migration type: integer errors: description: details of errors occurred during migration type: array items: type: object properties: apiID: type: string message: type: array items: type: string skipped: description: reports the details of skipped APIs type: object properties: count: type: integer apis: type: array items: type: object properties: apiID: type: string message: type: string key: type: string nullable: true enum: - already_migrated - already_staged - is_tcp - is_streams - is_graphql - is_websocket - not_staged abortedOnFailure: description: reports whether migration process aborted on first failure type: boolean securitySchemes: bearerAuth: description: The Tyk Dashboard API Access Credentials scheme: bearer type: http