openapi: 3.0.3 info: contact: email: support@tyk.io name: Tyk Technologies url: https://tyk.io/contact description: >+ The Tyk Gateway API is the primary means for integrating your application with the Tyk API Gateway system. This API is very small, and has no granular permissions system. It is intended to be used purely for internal automation and integration. **Warning: Under no circumstances should outside parties be granted access to this API.** The Tyk Gateway API is capable of: * Managing session objects (key generation). * Managing and listing policies. * Managing and listing API Definitions (only when not using the Tyk Dashboard). * Hot reloads / reloading a cluster configuration. * OAuth client creation (only when not using the Tyk Dashboard). In order to use the Gateway API, you'll need to set the **secret** parameter in your tyk.conf file. The shared secret you set should then be sent along as a header with each Gateway API Request in order for it to be successful: **x-tyk-authorization: ***
The Tyk Gateway API is subsumed by the Tyk Dashboard API in Pro installations. license: name: Mozilla Public License Version 2.0 url: https://github.com/TykTechnologies/tyk/blob/master/LICENSE.md title: Tyk Gateway API version: 5.7.1 servers: - url: https://{tenant} variables: tenant: default: localhost:8080 description: Your gateway host security: - api_key: [] tags: - description: > Tyk supports batch requests, so a client makes a single request to the API but gets a compound response object back. This is especially handy if clients have complex requests that have multiple synchronous dependencies and do not wish to have the entire request / response cycle running for each event. To enable batch request support, set the `enable_batch_request_support` value to `true` Batch requests that come into Tyk are *run through the whole Tyk machinery* and *use a relative path to prevent spamming*. This means that a batch request to Tyk for three resources with the same API key will have three requests applied to their session quota and request limiting could become active if they are being throttled. Tyk reconstructs the API request based on the data in the batch request. This is to ensure that Tyk is not being used to proxy requests to other hosts outside of the upstream API being accessed. Batch requests are created by POSTING to the `/{listen_path}/tyk/batch/` endpoint. These requests **do not require a valid key**, but their request list does.

Sample Request

```{json} { "requests": [ { "method": "GET", "headers": { "x-tyk-test": "1", "x-tyk-version": "1.2", "authorization": "1dbc83b9c431649d7698faa9797e2900f" }, "body": "", "relative_url": "get" }, { "method": "GET", "headers": { "x-tyk-test": "2", "x-tyk-version": "1.2", "authorization": "1dbc83b9c431649d7698faa9797e2900f" }, "body": "", "relative_url": "get" } ], "suppress_parallel_execution": false } ``` The response will be a structured reply that encapsulates the responses for each of the outbound requests. If `suppress_parallel_execution` is set to `true`, requests will be made synchronously. If set to `false` then they will run in parallel and the response order is not guaranteed.

Sample Response

``` [ { "relative_url": "get", "code": 200, "headers": { "Access-Control-Allow-Credentials": [ "true" ], "Access-Control-Allow-Origin": [ "*" ], "Content-Length": [ "497" ], "Content-Type": [ "application/json" ], "Date": [ "Wed, 12 Nov 2014 15:32:43 GMT" ], "Server": [ "gunicorn/18.0" ], "Via": [ "1.1 vegur" ] }, "body": "{ "args": {}, "headers": { "Accept-Encoding": "gzip", "Authorization": "1dbc83b9c431649d7698faa9797e2900f", "Connect-Time": "2", "Connection": "close", "Host": "httpbin.org", "Total-Route-Time": "0", "User-Agent": "Go 1.1 package http", "Via": "1.1 vegur", "X-Request-Id": "6a22499a-2776-4aa1-80c0-686581a8be4d", "X-Tyk-Test": "2", "X-Tyk-Version": "1.2" }, "origin": "127.0.0.1, 62.232.114.250", "url": "http://httpbin.org/get" }" }, { "relative_url": "get", "code": 200, "headers": { "Access-Control-Allow-Credentials": [ "true" ], "Access-Control-Allow-Origin": [ "*" ], "Content-Length": [ "497" ], "Content-Type": [ "application/json" ], "Date": [ "Wed, 12 Nov 2014 15:32:43 GMT" ], "Server": [ "gunicorn/18.0" ], "Via": [ "1.1 vegur" ] }, "body": "{ "args": {}, "headers": { "Accept-Encoding": "gzip", "Authorization": "1dbc83b9c431649d7698faa9797e2900f", "Connect-Time": "7", "Connection": "close", "Host": "httpbin.org", "Total-Route-Time": "0", "User-Agent": "Go 1.1 package http", "Via": "1.1 vegur", "X-Request-Id": "1ab61f50-51ff-4828-a7e2-17240385a6d2", "X-Tyk-Test": "1", "X-Tyk-Version": "1.2" }, "origin": "127.0.0.1, 62.232.114.250", "url": "http://httpbin.org/get" }" } ] ``` With the body for each request string encoded in the `body` field. * `expire_analytics_after`: If you are running a busy API, you may want to ensure that your MongoDB database does not overflow with old data. Set the `expire_analytics_after` value to the number of seconds you would like the data to last for. Setting this flag to anything above `0` will set an `expireAt` field for each record that is written to the database. **Important:** Tyk will not create the expiry index for you. In order to implement data expiry for your analytics data, ensure that the index is created This is easily achieved using the [MongoDB command line interface](https://docs.mongodb.com/getting-started/shell/client/). * `dont_set_quota_on_create`: This setting defaults to `false`, but if set to `true`, when the API is used to edit, create or add keys, the quota cache in Redis will not be re-set. By default, all updates or creates to Keys that have Quotas set will re-set the quota (This has been the default behaviour since 1.0). This behaviour can be bypassed on a case-by-case basis by using the `suppress_reset` parameter when making a REST API request. This is the advised mode of operation as it allows for manual, granular control over key quotas and reset timings. * `cache_options`: This section enables you to configure the caching behaviour of Tyk and to enable or disable the caching middleware for your API. * `cache_options.enable_cache`: Set this value to `true` if the cache should be enabled for this endpoint, setting it to false will stop all caching behaviour. * `cache_options.cache_timeout`: The amount of time, in seconds, to keep cached objects, defaults to `60` seconds. * `cache_options.cache_all_safe_requests`: Set this to `true` if you want all *safe* requests (GET, HEAD, OPTIONS) to be cached. This is a blanket setting for APIs where caching is required but you don't want to set individual paths up in the definition. * `cache_options.enable_upstream_cache_control`: Set this to `true` if you want your application to control the cache options for Tyk (TTL and whether to cache or not). See [Caching](/docs/basic-config-and-security/reduce-latency/caching/) for more details. * `response_processors`: Response processors need to be specifically defined so they are loaded on API creation, otherwise the middleware will not fire. In order to have the two main response middleware components fire, the following configuration object should be supplied. ```{json} "response_processors": [ { "name": "header_injector", "options": { "add_headers": {"name": "value"}, "remove_headers": ["name"] } }, { "name": "response_body_transform", "options": {} } ] ``` The options for the `header_injector` are global, and will apply to all outbound requests. name: Batch Requests - description: > Sometimes a cache might contain stale data, or it may just need to be cleared because of an invalid configuration. This call will purge all keys associated with a cache on an API-by-API basis. name: Cache Invalidation - description: >- Use the endpoints under this tag to manage your certificates. You can add, delete and list certificates using these endpoints. name: Certs - name: CertsTag - name: Debug - description: | Check health status of the Tyk Gateway and loaded APIs. name: Health Checking - description: | Force restart of the Gateway or whole cluster. name: Hot Reload - description: > All keys that are used to access services via Tyk correspond to a session object that informs Tyk about the context of this particular token, like access rules and rate/quota allowance. name: Keys - description: | Manage OAuth clients, and manage their tokens name: OAuth - description: > It is possible to force API quota and rate limit across all keys that belong to a specific organisation ID. Rate limiting at an organisation level is useful for creating tiered access levels and trial accounts.
The Organisation rate limiting middleware works with both Quotas and Rate Limiters. In order to manage this functionality, a simple API has been put in place to manage these sessions.
Although the Organisation session-limiter uses the same session object, all other security keys are optional as they are not used.

Managing active status

To disallow access to an entire group of keys without rate limiting the organisation, create a session object with the "is_inactive" key set to true. This will block access before any other middleware is executed. It is useful when managing subscriptions for an organisation group and access needs to be blocked because of non-payment.
name: Organisation Quotas - description: > A Tyk security policy incorporates several security options that can be applied to an API key. It acts as a template that can override individual sections of an API key (or identity) in Tyk. name: Policies - name: Schema - description: |+ **Note: Applies only to Tyk Gateway Community Edition**
name: Tyk OAS APIs paths: /hello: get: description: >- From v2.7.5 you can now rename the `/hello` endpoint by using the `health_check_endpoint_name` option. operationId: hello responses: '200': content: application/json: example: description: Tyk GW details: redis: componentType: datastore status: pass time: '2020-05-19T03:42:55+01:00' status: pass version: v5.5.0-dev schema: $ref: '#/components/schemas/HealthCheckResponse' description: Success. '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '405': content: application/json: example: message: Method Not Allowed status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Method Not Allowed summary: Check the Health of the Tyk Gateway. tags: - Health Checking x-microcks-operation: delay: 0 dispatcher: FALLBACK /tyk/apis: get: description: List APIs from Tyk Gateway operationId: listApis responses: '200': content: application/json: example: - api_id: b84fe1a04e5648927971c0557971565c auth: auth_header_name: authorization definition: key: version location: header name: Tyk Test API org_id: 664a14650619d40001f1f00f proxy: listen_path: /tyk-api-test/ strip_listen_path: true target_url: https://httpbin.org use_oauth2: true version_data: not_versioned: true versions: Default: name: Default schema: items: $ref: '#/components/schemas/APIDefinition' type: array description: List of API definitions. '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden summary: Tyk Get List of Apis tags: [] x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: >- Create API. A single Tyk node can have its API Definitions queried, deleted and updated remotely. This functionality enables you to remotely update your Tyk definitions without having to manage the files manually. operationId: createApi parameters: - description: The base API which the new version will be linked to. example: 663a4ed9b6be920001b191ae in: query name: base_api_id required: false schema: type: string - description: >- The version name of the base API while creating the first version. This doesn't have to be sent for the next versions but if it is set, it will override base API version name. example: Default in: query name: base_api_version_name required: false schema: type: string - description: The version name of the created version. example: v2 in: query name: new_version_name required: false schema: type: string - description: If true, the new version is set as default version. example: true in: query name: set_default required: false schema: type: boolean requestBody: content: application/json: example: api_id: b84fe1a04e5648927971c0557971565c auth: auth_header_name: authorization definition: key: version location: header name: Tyk Test API org_id: 664a14650619d40001f1f00f proxy: listen_path: /tyk-api-test/ strip_listen_path: true target_url: https://httpbin.org use_oauth2: true version_data: not_versioned: true versions: Default: name: Default schema: $ref: '#/components/schemas/APIDefinition' responses: '200': content: application/json: example: action: added key: b84fe1a04e5648927971c0557971565c status: ok schema: $ref: '#/components/schemas/ApiModifyKeySuccess' description: API created. '400': content: application/json: example: message: Request malformed status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Bad Request '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '500': content: application/json: example: message: file object creation failed, write error status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Internal server error. summary: Tyk Creat an Api tags: [] x-microcks-operation: delay: 0 dispatcher: FALLBACK /tyk/apis/{apiID}: delete: description: >- Deleting an API definition will remove the file from the file store, the API definition will NOT be unloaded, a separate reload request will need to be made to disable the API endpoint. operationId: deleteApi parameters: - description: The API ID. example: 1bd5c61b0e694082902cf15ddcc9e6a7 in: path name: apiID required: true schema: type: string responses: '200': content: application/json: example: action: deleted key: 1bd5c61b0e694082902cf15ddcc9e6a7 status: ok schema: $ref: '#/components/schemas/ApiModifyKeySuccess' description: API deleted. '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '404': content: application/json: example: message: API not found status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: API not found. '500': content: application/json: example: message: Delete failed status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Internal server error. summary: Tyk Deleting an Api Definition With Id. tags: [] x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get API definition from Tyk Gateway. operationId: getApi parameters: - description: The API ID. example: keyless in: path name: apiID required: true schema: type: string responses: '200': content: application/json: example: api_id: b84fe1a04e5648927971c0557971565c auth: auth_header_name: authorization definition: key: version location: header name: Tyk Test API org_id: 664a14650619d40001f1f00f proxy: listen_path: /tyk-api-test/ strip_listen_path: true target_url: https://httpbin.org use_oauth2: true version_data: not_versioned: true versions: Default: name: Default schema: $ref: '#/components/schemas/APIDefinition' description: API definition. headers: x-tyk-base-api-id: description: ID of the base API if the requested API is a version. schema: type: string style: simple '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '404': content: application/json: example: message: API not found. status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: API not found. summary: Tyk Get Api Definition With It's Id. tags: [] x-microcks-operation: delay: 0 dispatcher: FALLBACK put: description: >- Updating an API definition uses the same signature and object as a `POST`, however it will first ensure that the API ID that is being updated is the same as the one in the object being `PUT`. Updating will completely replace the file descriptor and will not change an API Definition that has already been loaded, the hot-reload endpoint will need to be called to push the new definition to live. operationId: updateApi parameters: - description: The API ID. example: 1bd5c61b0e694082902cf15ddcc9e6a7 in: path name: apiID required: true schema: type: string requestBody: content: application/json: example: api_id: b84fe1a04e5648927971c0557971565c auth: auth_header_name: authorization definition: key: version location: header name: Update the API name sample org_id: 664a14650619d40001f1f00f proxy: listen_path: /update-listen-path strip_listen_path: true target_url: https://tyk.io/api use_oauth2: true version_data: not_versioned: true versions: Default: name: Default schema: $ref: '#/components/schemas/APIDefinition' responses: '200': content: application/json: example: action: modified key: 1bd5c61b0e694082902cf15ddcc9e6a7 status: ok schema: $ref: '#/components/schemas/ApiModifyKeySuccess' description: API updated. '400': content: application/json: example: message: Request malformed status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Bad Request '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '404': content: application/json: example: message: API not found status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: API not found. '500': content: application/json: example: message: File object creation failed, write error. status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Internal server error. summary: Tyk Updating an Api Definition With Its Id. tags: [] x-microcks-operation: delay: 0 dispatcher: FALLBACK /tyk/apis/{apiID}/versions: get: description: Listing versions of an API. operationId: listApiVersions parameters: - description: The API ID. example: keyless in: path name: apiID required: true schema: type: string - $ref: '#/components/parameters/SearchText' - $ref: '#/components/parameters/AccessType' responses: '200': content: application/json: example: apis: - expirationDate: '' id: keyless internal: false isDefaultVersion: false name: Tyk Test Keyless API versionName: '' - expirationDate: '' id: 1f20d5d2731d47ac9c79fddf826eda00 internal: false isDefaultVersion: true name: Version three Api versionName: v2 status: success schema: $ref: '#/components/schemas/VersionMetas' description: API version metas. '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '404': content: application/json: example: message: API not found status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: API not found. summary: Tyk Listing Versions of an Api. tags: [] x-microcks-operation: delay: 0 dispatcher: FALLBACK /tyk/apis/oas: get: description: List all APIs in Tyk OAS API format, from Tyk Gateway. operationId: listApisOAS parameters: - description: >- By default mode is empty which means it will return the Tyk API OAS spec including the x-tyk-api-gateway part. When mode=public, the Tyk OAS API spec will exclude the x-tyk-api-gateway part in the response. example: public in: query name: mode required: false schema: enum: - public type: string responses: '200': content: application/json: examples: oasExampleList: $ref: '#/components/examples/oasExampleList' schema: items: allOf: - $ref: >- https://raw.githubusercontent.com/TykTechnologies/tyk/refs/heads/master/apidef/oas/schema/3.0.json - $ref: '#/components/schemas/XTykAPIGateway' type: array description: List of API definitions in Tyk OAS format. '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden summary: List All Apis in Tyk Oas Api Format. tags: - Tyk OAS APIs x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Create an API with Tyk OAS API format on the Tyk Gateway. operationId: createApiOAS parameters: - description: The base API which the new version will be linked to. example: 663a4ed9b6be920001b191ae in: query name: base_api_id required: false schema: type: string - description: >- The version name of the base API while creating the first version. This doesn't have to be sent for the next versions but if it is set, it will override base API version name. example: Default in: query name: base_api_version_name required: false schema: type: string - description: The version name of the created version. example: v2 in: query name: new_version_name required: false schema: type: string - description: If true, the new version is set as default version. example: true in: query name: set_default required: false schema: type: boolean requestBody: content: application/json: example: components: securitySchemes: bearerAuth: description: The API Access Credentials scheme: bearer type: http info: description: This is a sample OAS. title: OAS Sample version: 1.0.0 openapi: 3.0.3 paths: /api/sample/users: get: operationId: getUsers responses: '200': content: application/json: schema: items: properties: name: type: string type: object type: array description: fetched users summary: Get users tags: - users security: - bearerAuth: [] servers: - url: https://localhost:8080 x-tyk-api-gateway: info: name: user state: active: true server: listenPath: strip: true value: /user-test/ upstream: url: https://localhost:8080 schema: allOf: - $ref: >- https://raw.githubusercontent.com/TykTechnologies/tyk/refs/heads/master/apidef/oas/schema/3.0.json - $ref: '#/components/schemas/XTykAPIGateway' responses: '200': content: application/json: example: action: added key: e30bee13ad4248c3b529a4c58bb7be4e status: ok schema: $ref: '#/components/schemas/ApiModifyKeySuccess' description: API created. '400': content: application/json: example: message: the payload should contain x-tyk-api-gateway status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Bad Request '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '500': content: application/json: example: message: file object creation failed, write error status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Internal server error. summary: Create an Api With Tyk Oas Format. tags: - Tyk OAS APIs x-microcks-operation: delay: 0 dispatcher: FALLBACK /tyk/apis/oas/{apiID}: delete: description: >- Deleting an API definition will remove the file from the file store, the API definition will not be unloaded, a separate reload request will need to be made to disable the API endpoint. operationId: deleteOASApi parameters: - description: The API ID. example: 1bd5c61b0e694082902cf15ddcc9e6a7 in: path name: apiID required: true schema: type: string responses: '200': content: application/json: example: action: deleted key: 1bd5c61b0e694082902cf15ddcc9e6a7 status: ok schema: $ref: '#/components/schemas/ApiModifyKeySuccess' description: API deleted '400': content: application/json: example: message: Must specify an apiID to delete status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Bad Request '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '404': content: application/json: example: message: API not found status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: API not found. '500': content: application/json: example: message: Delete failed status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Internal server error. summary: Deleting a Tyk Oas Api. tags: - Tyk OAS APIs x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get Tyk OAS API definition using an API ID. operationId: getOASApi parameters: - description: >- By default mode is empty which means it will return the Tyk API OAS spec including the x-tyk-api-gateway part. When mode=public, the Tyk OAS API spec will exclude the x-tyk-api-gateway part in the response. example: public in: query name: mode required: false schema: enum: - public type: string - description: ID of the API you want to fetch example: 4c1c0d8fc885401053ddac4e39ef676b in: path name: apiID required: true schema: type: string responses: '200': content: application/json: examples: oasExample: $ref: '#/components/examples/oasExample' schema: allOf: - $ref: >- https://raw.githubusercontent.com/TykTechnologies/tyk/refs/heads/master/apidef/oas/schema/3.0.json - $ref: '#/components/schemas/XTykAPIGateway' description: OK headers: x-tyk-base-api-id: description: ID of the base API if the requested API is a version. schema: type: string style: simple '400': content: application/json: example: message: >- the requested API definition is in Tyk classic format, please use old API endpoint status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Bad Request '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '404': content: application/json: example: message: API not found status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: API not found. summary: Get a Tyk Oas Api Definition. tags: - Tyk OAS APIs x-microcks-operation: delay: 0 dispatcher: FALLBACK patch: description: >- You can use this endpoint to update Tyk OAS part of the Tyk API definition. This endpoint allows you to configure Tyk OAS extension based on query params provided(similar to import). operationId: patchApiOAS parameters: - description: ID of the API you want to fetch. example: 4c1c0d8fc885401053ddac4e39ef676b in: path name: apiID required: true schema: type: string - $ref: '#/components/parameters/UpstreamURL' - $ref: '#/components/parameters/ListenPath' - $ref: '#/components/parameters/CustomDomain' - $ref: '#/components/parameters/AllowList' - $ref: '#/components/parameters/ValidateRequest' - $ref: '#/components/parameters/MockResponse' - $ref: '#/components/parameters/Authentication' requestBody: content: application/json: example: components: securitySchemes: bearerAuth: description: The API Access Credentials scheme: bearer type: http info: description: This is a sample OAS. title: OAS Sample version: 1.0.0 openapi: 3.0.3 paths: /api/sample/users: get: operationId: getUsers responses: '200': content: application/json: schema: items: properties: name: type: string type: object type: array description: fetched users summary: Get users tags: - users security: - bearerAuth: [] servers: - url: https://localhost:8080 x-tyk-api-gateway: info: name: user state: active: true server: listenPath: strip: true value: /user-test/ upstream: url: https://localhost:8080 schema: $ref: >- https://raw.githubusercontent.com/TykTechnologies/tyk/refs/heads/master/apidef/oas/schema/3.0.json responses: '200': content: application/json: schema: $ref: '#/components/schemas/ApiModifyKeySuccess' description: API patched. '400': content: application/json: example: message: Must specify an apiID to patch status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Bad Request '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '404': content: application/json: example: message: API not found status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: API not found. '500': content: application/json: example: message: file object creation failed, write error status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Internal server error. summary: Patch Api in Tyk Oas Format. tags: - Tyk OAS APIs x-microcks-operation: delay: 0 dispatcher: FALLBACK put: description: >- Updating an API definition uses the same signature an object as a `POST`, however it will first ensure that the API ID that is being updated is the same as the one in the object being `PUT`. Updating will completely replace the file descriptor and will not change an API Definition that has already been loaded, the hot-reload endpoint will need to be called to push the new definition to live. operationId: updateApiOAS parameters: - description: ID of the API you want to fetch example: 4c1c0d8fc885401053ddac4e39ef676b in: path name: apiID required: true schema: type: string requestBody: content: application/json: example: components: securitySchemes: bearerAuth: description: The API Access Credentials scheme: bearer type: http info: description: This is a sample OAS. title: OAS Sample version: 1.0.0 openapi: 3.0.3 paths: /api/sample/users: get: operationId: getUsers responses: '200': content: application/json: schema: items: properties: name: type: string type: object type: array description: fetched users summary: Get users tags: - users security: - bearerAuth: [] servers: - url: https://localhost:8080 x-tyk-api-gateway: info: name: user state: active: true server: listenPath: strip: true value: /user-test/ upstream: url: https://localhost:8080 schema: allOf: - $ref: >- https://raw.githubusercontent.com/TykTechnologies/tyk/refs/heads/master/apidef/oas/schema/3.0.json - $ref: '#/components/schemas/XTykAPIGateway' responses: '200': content: application/json: example: action: modified key: e30bee13ad4248c3b529a4c58bb7be4e status: ok schema: $ref: '#/components/schemas/ApiModifyKeySuccess' description: API updated '400': content: application/json: example: message: >- Request APIID does not match that in Definition! For Update operations these must match. status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Bad Request '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '404': content: application/json: example: message: API not found status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: API not found '500': content: application/json: example: message: file object creation failed, write error status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Internal server error. summary: Update a Tyk Oas Api Definition. tags: - Tyk OAS APIs x-microcks-operation: delay: 0 dispatcher: FALLBACK /tyk/apis/oas/{apiID}/export: get: description: >- Use the mode query parameter to specify if you want the x-tyk-api-gateway stripped out. operationId: downloadApiOASPublic parameters: - description: ID of the API you want to fetch. example: 4c1c0d8fc885401053ddac4e39ef676b in: path name: apiID required: true schema: type: string - description: >- By default mode is empty which means it will return the Tyk API OAS spec including the x-tyk-api-gateway part. When mode=public, the Tyk OAS API spec will exclude the x-tyk-api-gateway part in the response. example: public in: query name: mode required: false schema: enum: - public type: string responses: '200': content: application/octet-stream: schema: format: binary type: string description: Exported API definition file '400': content: application/json: example: message: requesting API definition that is in Tyk classic format status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Bad Request '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '404': content: application/json: example: message: API not found status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Not Found '500': content: application/json: example: message: Unexpected error status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Internal server error. summary: Download a Tyk Oas Format Api. tags: - Tyk OAS APIs x-microcks-operation: delay: 0 dispatcher: FALLBACK /tyk/apis/oas/{apiID}/versions: get: description: Listing versions of a Tyk OAS API. operationId: listOASApiVersions parameters: - description: ID of the API you want to fetch. example: 4c1c0d8fc885401053ddac4e39ef676b in: path name: apiID required: true schema: type: string - $ref: '#/components/parameters/SearchText' - $ref: '#/components/parameters/AccessType' responses: '200': content: application/json: example: apis: - expirationDate: '' id: keyless internal: false isDefaultVersion: false name: Tyk Test Keyless API versionName: '' - expirationDate: '' id: 1f20d5d2731d47ac9c79fddf826eda00 internal: false isDefaultVersion: true name: Version three Api versionName: v2 status: success schema: $ref: '#/components/schemas/VersionMetas' description: API version metas. '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '404': content: application/json: example: message: API not found. status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: API not found summary: Listing Versions of a Tyk Oas Api. tags: - Tyk OAS APIs x-microcks-operation: delay: 0 dispatcher: FALLBACK /tyk/apis/oas/export: get: description: Download all Tyk OAS format APIs, from the Gateway. operationId: downloadApisOASPublic parameters: - description: >- By default mode is empty which means it will return the Tyk API OAS spec including the x-tyk-api-gateway part. When mode=public, the Tyk OAS API spec will exclude the x-tyk-api-gateway part in the response. example: public in: query name: mode required: false schema: enum: - public type: string responses: '200': content: application/octet-stream: schema: format: binary type: string description: Get a list of Tyk OAS APIs definitions. '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '500': content: application/json: example: message: Unexpected error status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Internal server error. summary: Download All Tyk Oas Format Apis. tags: - Tyk OAS APIs x-microcks-operation: delay: 0 dispatcher: FALLBACK /tyk/apis/oas/import: post: description: |- Import an Tyk OAS format API without x-tyk-gateway. For use with an existing Tyk OAS API that you want to expose via your Tyk Gateway. operationId: importOAS parameters: - $ref: '#/components/parameters/UpstreamURL' - $ref: '#/components/parameters/ListenPath' - $ref: '#/components/parameters/CustomDomain' - $ref: '#/components/parameters/AllowList' - $ref: '#/components/parameters/ValidateRequest' - $ref: '#/components/parameters/MockResponse' - $ref: '#/components/parameters/Authentication' - description: The base API which the new version will be linked to. example: 663a4ed9b6be920001b191ae in: query name: base_api_id required: false schema: type: string - description: >- The version name of the base API while creating the first version. This doesn't have to be sent for the next versions but if it is set, it will override base API version name. example: Default in: query name: base_api_version_name required: false schema: type: string - description: The version name of the created version. example: v2 in: query name: new_version_name required: false schema: type: string - description: If true, the new version is set as default version. example: true in: query name: set_default required: false schema: type: boolean requestBody: content: application/json: example: components: securitySchemes: bearerAuth: description: The API Access Credentials scheme: bearer type: http info: description: This is a sample OAS. title: OAS Sample version: 1.0.0 openapi: 3.0.3 paths: /api/sample/users: get: operationId: getUsers responses: '200': content: application/json: schema: items: properties: name: type: string type: object type: array description: fetched users summary: Get users tags: - users security: - bearerAuth: [] servers: - url: https://localhost:8080 schema: $ref: >- https://raw.githubusercontent.com/TykTechnologies/tyk/refs/heads/master/apidef/oas/schema/3.0.json responses: '200': content: application/json: example: action: added key: e30bee13ad4248c3b529a4c58bb7be4e status: ok schema: $ref: '#/components/schemas/ApiModifyKeySuccess' description: API imported. '400': content: application/json: example: message: the import payload should not contain x-tyk-api-gateway status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Bad Request '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '500': content: application/json: example: message: file object creation failed, write error status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Internal server error. summary: Import an Api in Tyk Oas Format. tags: - Tyk OAS APIs x-microcks-operation: delay: 0 dispatcher: FALLBACK /tyk/cache/{apiID}: delete: description: Invalidate cache for the given API. operationId: invalidateCache parameters: - description: The API ID. example: ae67bb862a3241a49117508e0f9ee839 in: path name: apiID required: true schema: type: string responses: '200': content: application/json: example: message: cache invalidated status: ok schema: $ref: '#/components/schemas/ApiStatusMessage' description: Cache invalidated. '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '500': content: application/json: example: message: Cache invalidation failed. status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Internal server error. summary: Tyk Invalidate Cache. tags: - Cache Invalidation x-microcks-operation: delay: 0 dispatcher: FALLBACK /tyk/certs: get: description: List all certificates in the Tyk Gateway. operationId: listCerts parameters: - description: Organisation ID to list the certificates. example: 5e9d9544a1dcd60001d0ed20 in: query name: org_id required: false schema: type: string - description: Mode to list the certificate details. example: detailed in: query name: mode required: false schema: enum: - detailed type: string responses: '200': content: application/json: examples: certIdList: $ref: '#/components/examples/certIdList' certificateBasicList: $ref: '#/components/examples/certificateBasicList' schema: oneOf: - $ref: '#/components/schemas/APIAllCertificateBasics' - $ref: '#/components/schemas/APIAllCertificates' description: OK '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden summary: Tyk List Certificates. tags: - Certs x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Add a certificate to the Tyk Gateway. operationId: addCert parameters: - description: Organisation ID to add the certificate to. example: 5e9d9544a1dcd60001d0ed20 in: query name: org_id required: false schema: type: string requestBody: content: text/plain: schema: type: string responses: '200': content: application/json: example: id: >- 5e9d9544a1dcd60001d0ed207c440d66ebb0a4629d21329808dce9091acf5f2fde328067a6e60e5347271d90 message: Certificate added status: ok schema: $ref: '#/components/schemas/APICertificateStatusMessage' description: New certificate added. '403': content: application/json: example: message: Certificate with ID already exists. status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: When certificates you send already exist in the gateway. '405': content: application/json: example: message: Malformed request body status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Malformed request body. summary: Tyk Add a Certificate. tags: - Certs x-microcks-operation: delay: 0 dispatcher: FALLBACK /tyk/certs/{certID}: delete: description: Delete certificate by ID. operationId: deleteCerts parameters: - description: Certificate ID to be deleted. example: >- 5e9d9544a1dcd60001d0ed20a6ab77653d5da938f452bb8cc9b55b0630a6743dabd8dc92bfb025abb09ce035 in: path name: certID required: true schema: type: string - description: Organisation ID to delete the certificates from. example: 5e9d9544a1dcd60001d0ed20 in: query name: org_id required: false schema: type: string responses: '200': content: application/json: example: message: removed status: ok schema: $ref: '#/components/schemas/ApiStatusMessage' description: Deleted certificate. '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden summary: Tyk Delete Certificate. tags: - Certs x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: >- Note that the certID path parameter can take a list of certIDs separated with commas (e.g /tyk/certs/certIDOne,certIDTwo). If you send a single certID it will return a single CertificateMeta object otherwise if you send more than two certIDs is will return an array of certificateMeta objects. operationId: listCertsWithIDs parameters: - description: Comma separated list of certificates to list. example: >- e6ce2b49-3e31-44de-95a7-12f054724283,5e9d9544a1dcd60001d0ed20a6ab77653d5da938f452bb8cc9b55b0630a6743dabd8dc92bfb025abb09ce035 in: path name: certID required: true schema: type: string responses: '200': content: application/json: examples: certificateMetaExample: $ref: '#/components/examples/certificateMetaExample' certificateMetaListExample: $ref: '#/components/examples/certificateMetaListExample' schema: oneOf: - $ref: '#/components/schemas/CertsCertificateMeta' - items: $ref: '#/components/schemas/CertsCertificateMeta' nullable: true type: array description: OK '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '404': content: application/json: example: message: Certificate with given SHA256 fingerprint not found. status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Not Found summary: >- Return One Certificate or List Multiple Certificates in the Tyk Gateway Given a Comma Separated List of Cert Ids. tags: - CertsTag x-microcks-operation: delay: 0 dispatcher: FALLBACK /tyk/debug: post: description: >- Used to test API definition by sending sample request and analysing output of both response and logs. operationId: debugApiDefinition requestBody: content: application/json: example: request: method: GET path: /update-listen-path spec: api_id: b84fe1a04e5648927971c0557971565c auth: auth_header_name: authorization definition: key: version location: header name: Tyk Test API org_id: 664a14650619d40001f1f00f proxy: listen_path: /tyk-api-test/ strip_listen_path: true target_url: https://httpbin.org use_oauth2: true version_data: not_versioned: true versions: Default: name: Default schema: $ref: '#/components/schemas/TraceRequest' responses: '200': content: application/json: example: logs: >- {"level":"warning","msg":"Legacy path detected! Upgrade to extended.... message: ok response: "====== Request ======\nGET / HTTP/1.1\r\nHost: httpbin.org\r\n\r\n\n====== Response..." schema: $ref: '#/components/schemas/TraceResponse' description: Success tracing request. '400': content: application/json: example: message: Request malformed status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Bad Request '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '500': content: application/json: example: message: 'Unexpected failure:' status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Internal server error. summary: Tyk Test an an Api Definition. tags: - Debug x-microcks-operation: delay: 0 dispatcher: FALLBACK /tyk/keys: get: description: List all the API keys. operationId: listKeys responses: '200': content: application/json: schema: $ref: '#/components/schemas/ApiAllKeys' description: List of all API keys. '403': content: application/json: schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '404': content: application/json: schema: $ref: '#/components/schemas/ApiStatusMessage' description: Disabled hashed key listing. summary: Tyk List Keys. tags: - Keys x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: >- Tyk will generate the access token based on the OrgID specified in the API Definition and a random UUID. This ensures that keys can be owned by different API Owners should segmentation be needed at an organisational level.

API keys without access_rights data will be written to all APIs on the system (this also means that they will be created across all SessionHandlers and StorageHandlers, it is recommended to always embed access_rights data in a key to ensure that only targeted APIs and their back-ends are written to. operationId: addKey parameters: - description: >- When set to true the key_hash returned will be similar to the un-hashed key name. example: true in: query name: hashed required: false schema: enum: - true - false type: boolean requestBody: content: application/json: example: access_rights: itachi-api: allowed_urls: - methods: - GET url: /users api_id: 8ddd91f3cda9453442c477b06c4e2da4 api_name: Itachi api limit: per: 60 quota_max: 10000 quota_remaining: 10000 quota_renewal_rate: 3600 rate: 1000 throttle_interval: 10 throttle_retry_limit: 10 versions: - Default alias: portal-key allowance: 1000 apply_policies: - 5ead7120575961000181867e date_created: '2024-08-09T14:40:34.87614+03:00' enable_detailed_recording: true last_updated: '1723203634' meta_data: new-update-key-sample: update-key-sample tyk_developer_id: 62b3fb9a1d5e4f00017226f5 update: sample policy update user_type: mobile_user org_id: 5e9d9544a1dcd60001d0ed20 per: 60 quota_max: 10000 quota_renewal_rate: 3600 quota_renews: 1723207234 rate: 1000 tags: - security - edge - edge-eu throttle_interval: 10 throttle_retry_limit: 10 schema: $ref: '#/components/schemas/SessionState' responses: '200': content: application/json: example: action: added key: 5e9d9544a1dcd60001d0ed20a2290376f89846b798b7e5197584ef6d status: ok schema: $ref: '#/components/schemas/ApiModifyKeySuccess' description: New key added. '400': content: application/json: example: message: Request malformed status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Bad Request '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '500': content: application/json: example: message: Failed to create key, ensure security settings are correct. status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Internal server error. summary: Tyk Create a Key. tags: - Keys x-microcks-operation: delay: 0 dispatcher: FALLBACK /tyk/keys/{keyID}: delete: description: >- Deleting a key will remove it permanently from the system, however analytics relating to that key will still be available. operationId: deleteKey parameters: - description: Use the hash of the key as input instead of the full key. example: false in: query name: hashed required: false schema: enum: - true - false type: boolean - description: The key ID. example: 5e9d9544a1dcd60001d0ed20e7f75f9e03534825b7aef9df749582e5 in: path name: keyID required: true schema: type: string responses: '200': content: application/json: example: action: deleted key: 5e9d9544a1dcd60001d0ed20e7f75f9e03534825b7aef9df749582e5 status: ok schema: $ref: '#/components/schemas/ApiModifyKeySuccess' description: Key deleted. '400': content: application/json: example: message: Failed to remove the key status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Bad Request '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '404': content: application/json: example: message: There is no such key found status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Key not found. summary: Tyk Delete a Key. tags: - Keys x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: >- Get session info about the specified key. Should return up to date rate limit and quota usage numbers. operationId: getKey parameters: - description: Use the hash of the key as input instead of the full key. example: true in: query name: hashed required: false schema: enum: - true - false type: boolean - description: The key ID. example: 5e9d9544a1dcd60001d0ed20e7f75f9e03534825b7aef9df749582e5 in: path name: keyID required: true schema: type: string responses: '200': content: application/json: example: access_rights: itachi-api: allowed_urls: - methods: - GET url: /users api_id: 8ddd91f3cda9453442c477b06c4e2da4 api_name: Itachi api limit: per: 60 quota_max: 10000 quota_remaining: 10000 quota_renewal_rate: 3600 rate: 1000 throttle_interval: 10 throttle_retry_limit: 10 versions: - Default alias: portal-key allowance: 1000 apply_policies: - 5ead7120575961000181867e date_created: '2024-08-09T14:40:34.87614+03:00' enable_detailed_recording: true last_updated: '1723203634' meta_data: new-update-key-sample: update-key-sample tyk_developer_id: 62b3fb9a1d5e4f00017226f5 update: sample policy update user_type: mobile_user org_id: 5e9d9544a1dcd60001d0ed20 per: 60 quota_max: 10000 quota_renewal_rate: 3600 quota_renews: 1723207234 rate: 1000 tags: - security - edge - edge-eu throttle_interval: 10 throttle_retry_limit: 10 schema: $ref: '#/components/schemas/SessionState' description: Key fetched. '400': content: application/json: example: message: Key requested by hash but key hashing is not enabled. status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Bad Request '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '404': content: application/json: example: message: Key not found status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Key not found. summary: Tyk Get a Key With Id. tags: - Keys x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: >- You can use this endpoint to import existing keys into Tyk or to create a new custom key. operationId: createCustomKey parameters: - description: >- Adding the suppress_reset parameter and setting it to 1, will cause Tyk not to reset the quota limit that is in the current live quota manager. By default Tyk will reset the quota in the live quota manager (initialising it) when adding a key. Adding the `suppress_reset` flag to the URL parameters will avoid this behaviour. example: '1' in: query name: suppress_reset required: false schema: enum: - '1' type: string - description: >- When set to true the key_hash returned will be similar to the un-hashed key name. example: true in: query name: hashed required: false schema: enum: - true - false type: boolean - description: Name to give the custom key. example: customKey in: path name: keyID required: true schema: type: string requestBody: content: application/json: example: access_rights: itachi-api: allowed_urls: - methods: - GET url: /users api_id: 8ddd91f3cda9453442c477b06c4e2da4 api_name: Itachi api limit: per: 60 quota_max: 10000 quota_remaining: 10000 quota_renewal_rate: 3600 rate: 1000 throttle_interval: 10 throttle_retry_limit: 10 versions: - Default alias: portal-key allowance: 1000 apply_policies: - 5ead7120575961000181867e date_created: '2024-08-09T14:40:34.87614+03:00' enable_detailed_recording: true last_updated: '1723203634' meta_data: new-update-key-sample: update-key-sample tyk_developer_id: 62b3fb9a1d5e4f00017226f5 update: sample policy update user_type: mobile_user org_id: 5e9d9544a1dcd60001d0ed20 per: 60 quota_max: 10000 quota_renewal_rate: 3600 quota_renews: 1723207234 rate: 1000 tags: - security - edge - edge-eu throttle_interval: 10 throttle_retry_limit: 10 schema: $ref: '#/components/schemas/SessionState' responses: '200': content: application/json: example: action: added key: 5e9d9544a1dcd60001d0ed20customKey status: ok schema: $ref: '#/components/schemas/ApiModifyKeySuccess' description: New custom key added. '400': content: application/json: example: message: Request malformed status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Bad Request '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '500': content: application/json: example: message: Failed to create key, ensure security settings are correct. status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Internal server error. summary: Tyk Create Custom Key / Import Key tags: - Keys x-microcks-operation: delay: 0 dispatcher: FALLBACK put: description: ' You can also manually add keys to Tyk using your own key-generation algorithm. It is recommended that when using this approach to ensure that the OrgID being used in the API Definition and the key data is blank so that Tyk does not try to prepend or manage the key in any way.' operationId: updateKey parameters: - description: >- Adding the suppress_reset parameter and setting it to 1 will cause Tyk not to reset the quota limit that is in the current live quota manager. By default Tyk will reset the quota in the live quota manager (initialising it) when adding a key. Adding the `suppress_reset` flag to the URL parameters will avoid this behaviour. example: '1' in: query name: suppress_reset required: false schema: enum: - '1' type: string - description: >- When set to true the key_hash returned will be similar to the un-hashed key name. example: true in: query name: hashed required: false schema: enum: - true - false type: boolean - description: ID of the key you want to update. example: 5e9d9544a1dcd60001d0ed20766d9a6ec6b4403b93a554feefef4708 in: path name: keyID required: true schema: type: string requestBody: content: application/json: example: access_rights: itachi-api: allowed_urls: - methods: - GET url: /users api_id: 8ddd91f3cda9453442c477b06c4e2da4 api_name: Itachi api limit: per: 60 quota_max: 10000 quota_remaining: 10000 quota_renewal_rate: 3600 rate: 1000 throttle_interval: 10 throttle_retry_limit: 10 versions: - Default alias: portal-key allowance: 1000 apply_policies: - 5ead7120575961000181867e date_created: '2024-08-09T14:40:34.87614+03:00' enable_detailed_recording: true last_updated: '1723203634' meta_data: new-update-key-sample: update-key-sample tyk_developer_id: 62b3fb9a1d5e4f00017226f5 update: sample policy update user_type: mobile_user org_id: 5e9d9544a1dcd60001d0ed20 per: 60 quota_max: 10000 quota_renewal_rate: 3600 quota_renews: 1723207234 rate: 1000 tags: - security - edge - edge-eu - update-sample-tag throttle_interval: 10 throttle_retry_limit: 10 schema: $ref: '#/components/schemas/SessionState' responses: '200': content: application/json: example: action: modified key: 5e9d9544a1dcd60001d0ed20766d9a6ec6b4403b93a554feefef4708 status: ok schema: $ref: '#/components/schemas/ApiModifyKeySuccess' description: Key updated. '400': content: application/json: example: message: Request malformed status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Bad Request '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '404': content: application/json: example: message: Key is not found status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Key not found. '500': content: application/json: example: message: Failed to create key, ensure security settings are correct. status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Internal server error. summary: Tyk Update Key. tags: - Keys x-microcks-operation: delay: 0 dispatcher: FALLBACK /tyk/keys/create: post: description: Create a key. operationId: createKey requestBody: content: application/json: example: access_rights: itachi-api: allowed_urls: - methods: - GET url: /users api_id: 8ddd91f3cda9453442c477b06c4e2da4 api_name: Itachi api limit: per: 60 quota_max: 10000 quota_remaining: 10000 quota_renewal_rate: 3600 rate: 1000 throttle_interval: 10 throttle_retry_limit: 10 versions: - Default alias: portal-key allowance: 1000 apply_policies: - 5ead7120575961000181867e date_created: '2024-08-09T14:40:34.87614+03:00' enable_detailed_recording: true last_updated: '1723203634' meta_data: new-update-key-sample: update-key-sample tyk_developer_id: 62b3fb9a1d5e4f00017226f5 update: sample policy update user_type: mobile_user org_id: 5e9d9544a1dcd60001d0ed20 per: 60 quota_max: 10000 quota_renewal_rate: 3600 quota_renews: 1723207234 rate: 1000 tags: - security - edge - edge-eu throttle_interval: 10 throttle_retry_limit: 10 schema: $ref: '#/components/schemas/SessionState' responses: '200': content: application/json: example: action: added key: 5e9d9544a1dcd60001d0ed207eb558517c3c48fb826c62cc6f6161eb status: ok schema: $ref: '#/components/schemas/ApiModifyKeySuccess' description: Key created. '400': content: application/json: example: message: >- Failed to create key, keys must have at least one Access Rights record set. status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: No access right. '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '500': content: application/json: example: message: Unmarshalling failed status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Malformed body. summary: Tyk Create a Key. tags: - Keys x-microcks-operation: delay: 0 dispatcher: FALLBACK /tyk/keys/policy/{keyID}: post: description: This will set policies to a hashed key. operationId: setPoliciesToHashedKey parameters: - description: Name to give the custom key. example: 5e9d9544a1dcd60001d0ed207eb558517c3c48fb826c62cc6f6161eb in: path name: keyID required: true schema: type: string requestBody: content: application/json: example: apply_policies: - 5ead7120575961000181867e policy: '' schema: $ref: '#/components/schemas/PolicyUpdateObj' responses: '200': content: application/json: example: action: updated key: 5e9d9544a1dcd60001d0ed207eb558517c3c48fb826c62cc6f6161eb status: ok schema: $ref: '#/components/schemas/ApiModifyKeySuccess' description: Updated hashed key. '400': content: application/json: example: message: Couldn't decode instruction status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Malformed request body. '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '404': content: application/json: example: message: Key not found status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Key not found. '500': content: application/json: example: message: Could not write key data. status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Internal server error. summary: Tyk Set Policies for a Hashed Key. tags: - Keys x-microcks-operation: delay: 0 dispatcher: FALLBACK /tyk/keys/preview: post: description: >- This will check if the body of a key definition is valid. And return a response with how the key would look like if you were to create it. operationId: validateAKeyDefinition requestBody: content: application/json: example: access_rights: itachi-api: allowed_urls: - methods: - GET url: /users api_id: 8ddd91f3cda9453442c477b06c4e2da4 api_name: Itachi api limit: per: 60 quota_max: 10000 quota_remaining: 10000 quota_renewal_rate: 3600 rate: 1000 throttle_interval: 10 throttle_retry_limit: 10 versions: - Default alias: portal-key allowance: 1000 apply_policies: - 5ead7120575961000181867e date_created: '2024-08-09T14:40:34.87614+03:00' enable_detailed_recording: true last_updated: '1723203634' meta_data: new-update-key-sample: update-key-sample tyk_developer_id: 62b3fb9a1d5e4f00017226f5 update: sample policy update user_type: mobile_user org_id: 5e9d9544a1dcd60001d0ed20 per: 60 quota_max: 10000 quota_renewal_rate: 3600 quota_renews: 1723207234 rate: 1000 tags: - security - edge - edge-eu throttle_interval: 10 throttle_retry_limit: 10 schema: $ref: '#/components/schemas/SessionState' responses: '200': content: application/json: example: access_rights: itachi-api: allowed_urls: - methods: - GET url: /users api_id: 8ddd91f3cda9453442c477b06c4e2da4 api_name: Itachi api limit: per: 60 quota_max: 10000 quota_remaining: 10000 quota_renewal_rate: 3600 rate: 1000 throttle_interval: 10 throttle_retry_limit: 10 versions: - Default alias: portal-key allowance: 1000 apply_policies: - 5ead7120575961000181867e date_created: '2024-08-09T14:40:34.87614+03:00' enable_detailed_recording: true last_updated: '1723203634' meta_data: new-update-key-sample: update-key-sample tyk_developer_id: 62b3fb9a1d5e4f00017226f5 update: sample policy update user_type: mobile_user org_id: 5e9d9544a1dcd60001d0ed20 per: 60 quota_max: 10000 quota_renewal_rate: 3600 quota_renews: 1723207234 rate: 1000 tags: - security - edge - edge-eu throttle_interval: 10 throttle_retry_limit: 10 schema: $ref: '#/components/schemas/SessionState' description: Key definition is valid. '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '500': content: application/json: example: message: Unmarshalling failed status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Internal server error. summary: Tyk This Will Validate a Key Definition. tags: - Keys x-microcks-operation: delay: 0 dispatcher: FALLBACK /tyk/oauth/clients/{apiID}: get: description: >- OAuth Clients are organised by API ID, and therefore are queried as such. operationId: listOAuthClients parameters: - description: The API ID example: 1bd5c61b0e694082902cf15ddcc9e6a7 in: path name: apiID required: true schema: type: string responses: '200': content: application/json: example: - api_id: b84fe1a04e5648927971c0557971565c client_id: 2a06b398c17f46908de3dffcb71ef87df description: google client meta_data: user_id: 362b3fb9a1d5e4f00017226f5 redirect_uri: https://httpbin.org/ip secret: MmQwNTI5NGQtYjU0YS00NjMyLWIwZjktNTZjY2M1ZjhjYWY0 schema: items: $ref: '#/components/schemas/NewClientRequest' type: array description: Get OAuth client details or a list of OAuth clients '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '404': description: Api no found summary: Tyk List Oauth Clients tags: - OAuth x-microcks-operation: delay: 0 dispatcher: FALLBACK /tyk/oauth/clients/{apiID}/{keyName}: delete: description: >- Please note that tokens issued with the client ID will still be valid until they expire. operationId: deleteOAuthClient parameters: - description: The API id example: b84fe1a04e5648927971c0557971565c in: path name: apiID required: true schema: type: string - description: The Client ID example: 2a06b398c17f46908de3dffcb71ef87df in: path name: keyName required: true schema: type: string responses: '200': content: application/json: example: action: deleted key: 2a06b398c17f46908de3dffcb71ef87df status: ok schema: $ref: '#/components/schemas/ApiModifyKeySuccess' description: OAuth client deleted '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '404': content: application/json: example: message: OAuth Client ID not found status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Not found '500': content: application/json: example: message: Delete failed status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Internal server error. summary: Tyk Delete Oauth Client tags: - OAuth x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: Get OAuth client details tied to an api operationId: getOAuthClient parameters: - description: The API id example: b84fe1a04e5648927971c0557971565c in: path name: apiID required: true schema: type: string - description: The Client ID example: 2a06b398c17f46908de3dffcb71ef87df in: path name: keyName required: true schema: type: string responses: '200': content: application/json: example: client_id: 2a06b398c17f46908de3dffcb71ef87df description: changed description sample meta_data: user_id: 362b3fb9a1d5e4f00017226f5 redirect_uri: https://httpbin.org/ip secret: MmQwNTI5NGQtYjU0YS00NjMyLWIwZjktNTZjY2M1ZjhjYWY0 schema: $ref: '#/components/schemas/NewClientRequest' description: OAuth client details '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '404': content: application/json: example: message: OAuth Client ID not found status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: OAuth Client not found summary: Tyk Get Oauth Client tags: - OAuth x-microcks-operation: delay: 0 dispatcher: FALLBACK put: description: >- Allows you to update the metadata,redirecturi,description and Policy ID for an OAuth client. operationId: updateOAuthClient parameters: - description: The API id example: b84fe1a04e5648927971c0557971565c in: path name: apiID required: true schema: type: string - description: The Client ID example: 2a06b398c17f46908de3dffcb71ef87df in: path name: keyName required: true schema: type: string requestBody: content: application/json: example: api_id: b84fe1a04e5648927971c0557971565c client_id: 2a06b398c17f46908de3dffcb71ef87df description: changed description sample meta_data: user_id: 362b3fb9a1d5e4f00017226f5 redirect_uri: https://httpbin.org/ip secret: MmQwNTI5NGQtYjU0YS00NjMyLWIwZjktNTZjY2M1ZjhjYWY0 schema: $ref: '#/components/schemas/NewClientRequest' responses: '200': content: application/json: example: client_id: 2a06b398c17f46908de3dffcb71ef87df description: changed description sample meta_data: user_id: 362b3fb9a1d5e4f00017226f5 redirect_uri: https://httpbin.org/ip secret: MmQwNTI5NGQtYjU0YS00NjMyLWIwZjktNTZjY2M1ZjhjYWY0 schema: $ref: '#/components/schemas/NewClientRequest' description: OAuth client updated '400': content: application/json: example: message: >- Policy access rights doesn't contain API this OAuth client belongs to status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Bad Request '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '404': content: application/json: example: message: API doesn't exist status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Not Found '500': content: application/json: example: message: Unmarshalling failed status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: malformed request body summary: Tyk Update Oauth Metadata,redirecturi,description and Policy Id tags: - OAuth x-microcks-operation: delay: 0 dispatcher: FALLBACK /tyk/oauth/clients/{apiID}/{keyName}/rotate: put: description: Generate a new secret operationId: rotateOauthClient parameters: - description: The API id example: b84fe1a04e5648927971c0557971565c in: path name: apiID required: true schema: type: string - description: The Client ID example: 2a06b398c17f46908de3dffcb71ef87df in: path name: keyName required: true schema: type: string responses: '200': content: application/json: example: client_id: 2a06b398c17f46908de3dffcb71ef87df description: google client meta_data: user_id: 362b3fb9a1d5e4f00017226f5 redirect_uri: https://httpbin.org/ip secret: MmQwNTI5NGQtYjU0YS00NjMyLWIwZjktNTZjY2M1ZjhjYWY0 schema: $ref: '#/components/schemas/NewClientRequest' description: New secret has been created '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '404': content: application/json: example: message: API doesn't exist status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Not Found '500': content: application/json: example: message: Failure in storing client data status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Internal server error. summary: Tyk Rotate the Oath Client Secret tags: - OAuth x-microcks-operation: delay: 0 dispatcher: FALLBACK /tyk/oauth/clients/{apiID}/{keyName}/tokens: get: description: >- This endpoint allows you to retrieve a list of all current tokens and their expiry date for a provided API ID and OAuth-client ID .If page query parameter is sent the tokens will be paginated. This endpoint will work only for newly created tokens.

You can control how long you want to store expired tokens in this list using `oauth_token_expired_retain_period` gateway option, which specifies retain period for expired tokens stored in Redis. By default expired token not get removed. See here for more details. operationId: getOAuthClientTokens parameters: - description: The API id example: b84fe1a04e5648927971c0557971565c in: path name: apiID required: true schema: type: string - description: The Client ID example: 2a06b398c17f46908de3dffcb71ef87df in: path name: keyName required: true schema: type: string - description: Use page query parameter to say which page number you want returned. example: 1 in: query name: page required: false schema: default: 1 type: integer responses: '200': content: application/json: examples: paginatedTokenExample: $ref: '#/components/examples/paginatedTokenExample' tokenListExample: $ref: '#/components/examples/tokenListExample' schema: oneOf: - $ref: '#/components/schemas/PaginatedOAuthClientTokens' - items: $ref: '#/components/schemas/OAuthClientToken' nullable: true type: array description: Tokens returned successfully. '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '404': content: application/json: example: message: OAuth Client ID not found status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: OAuth Client ID not found '500': content: application/json: example: message: Get client tokens failed status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Internal server error. summary: Tyk List Tokens for a Provided Api Id and Oauth-client Id tags: - OAuth x-microcks-operation: delay: 0 dispatcher: FALLBACK /tyk/oauth/clients/apis/{appID}: get: description: >- Get all API IDs for APIs that have use_oauth2 enabled and use the client_id (appID) specified in the path parameter for OAuth2. You can use the org_id query parameter to specify from which organization you want the API IDs to be returned. To return APIs from all organizations, send org_id as an empty string. operationId: getApisForOauthApp parameters: - description: The Client ID example: 2a06b398c17f46908de3dffcb71ef87df in: path name: appID required: true schema: type: string - description: The Org Id in: query name: orgID required: false schema: type: string responses: '200': content: application/json: example: - b84fe1a04e5648927971c0557971565c schema: items: type: string type: array description: Return an array of apis ids '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden summary: Tyk Get Api Ids for Apis That Use the Specified Client_id(appid) for Oauth tags: - OAuth x-microcks-operation: delay: 0 dispatcher: FALLBACK /tyk/oauth/clients/create: post: description: > Any OAuth keys must be generated with the help of a client ID. These need to be pre-registered with Tyk before they can be used (in a similar vein to how you would register your app with Twitter before attempting to ask user permissions using their API).

Creating OAuth clients with Access to Multiple APIs

New from Tyk Gateway 2.6.0 is the ability to create OAuth clients with access to more than one API. If you provide the api_id it works the same as in previous releases. If you don't provide the api_id the request uses policy access rights and enumerates APIs from their setting in the newly created OAuth-client. operationId: createOAuthClient requestBody: content: application/json: example: api_id: b84fe1a04e5648927971c0557971565c client_id: 2a06b398c17f46908de3dffcb71ef87df description: google client meta_data: user_id: 362b3fb9a1d5e4f00017226f5 redirect_uri: https://httpbin.org/ip secret: MmQwNTI5NGQtYjU0YS00NjMyLWIwZjktNTZjY2M1ZjhjYWY0 schema: $ref: '#/components/schemas/NewClientRequest' responses: '200': content: application/json: example: client_id: 2a06b398c17f46908de3dffcb71ef87df description: google client meta_data: user_id: 362b3fb9a1d5e4f00017226f5 redirect_uri: https://httpbin.org/ip secret: MmQwNTI5NGQtYjU0YS00NjMyLWIwZjktNTZjY2M1ZjhjYWY0 schema: $ref: '#/components/schemas/NewClientRequest' description: Client created '400': content: application/json: example: message: API doesn't exist status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Api Not found '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '500': content: application/json: example: message: Unmarshalling failed status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Unmarshalling failed summary: Tyk Create New Oauth Client tags: - OAuth x-microcks-operation: delay: 0 dispatcher: FALLBACK /tyk/oauth/refresh/{keyName}: delete: description: >- It is possible to invalidate refresh tokens in order to manage OAuth client access more robustly. operationId: invalidateOAuthRefresh parameters: - description: The Client ID example: 2a06b398c17f46908de3dffcb71ef87df in: path name: keyName required: true schema: type: string - description: The API id example: b84fe1a04e5648927971c0557971565c in: query name: api_id required: true schema: type: string responses: '200': content: application/json: example: action: deleted key: 2a06b398c17f46908de3dffcb71ef87df status: ok schema: $ref: '#/components/schemas/ApiModifyKeySuccess' description: Deleted '400': content: application/json: example: message: Missing parameter api_id status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: missing api_Id query parameter '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '404': content: application/json: example: message: API for this refresh token not found status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Not Found '500': content: application/json: example: message: Failed to invalidate refresh token status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Internal server error. summary: Tyk Invalidate Oauth Refresh Token tags: - OAuth x-microcks-operation: delay: 0 dispatcher: FALLBACK /tyk/oauth/revoke: post: description: revoke a single token operationId: revokeSingleToken requestBody: content: application/x-www-form-urlencoded: schema: properties: client_id: description: id of oauth client example: 2a06b398c17f46908de3dffcb71ef87df type: string org_id: example: 6492f66e6ebbc56c6a6bf022 type: string token: description: token to be revoked example: >- eyJvcmciOiI1ZTIwOTFjNGQ0YWVmY2U2MGMwNGZiOTIiLCJpZCI6IjIyODQ1NmFjNmJlMjRiMzI5MTIyOTdlODQ5NTc4NjJhIiwiaCI6Im11cm11cjY0In0= type: string token_type_hint: description: >- type of token to be revoked, if sent then the accepted values are access_token and refresh_token. String value and optional, of not provided then it will attempt to remove access and refresh tokens that matches example: access_token type: string required: - token - client_id type: object description: token revoked successfully responses: '200': content: application/json: example: message: token revoked successfully status: ok schema: $ref: '#/components/schemas/ApiStatusMessage' description: token revoked '400': content: application/json: example: message: cannot parse form. Form malformed status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: malformed form data '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden summary: Tyk Revoke Token tags: - OAuth x-microcks-operation: delay: 0 dispatcher: FALLBACK /tyk/oauth/revoke_all: post: description: Revoke all the tokens for a given oauth client operationId: revokeAllTokens requestBody: content: application/x-www-form-urlencoded: schema: properties: client_id: description: id of oauth client example: 2a06b398c17f46908de3dffcb71ef87df type: string client_secret: description: OAuth client secret to ensure that its a valid operation example: MmQwNTI5NGQtYjU0YS00NjMyLWIwZjktNTZjY2M1ZjhjYWY0 type: string org_id: example: 6492f66e6ebbc56c6a6bf022 type: string required: - client_secret - client_id type: object responses: '200': content: application/json: example: message: tokens revoked successfully status: ok schema: $ref: '#/components/schemas/ApiStatusMessage' description: tokens revoked '400': content: application/json: example: message: cannot parse form. Form malformed status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Bad Request '401': content: application/json: example: message: client_id is required status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: missing client id '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '404': content: application/json: example: message: oauth client doesn't exist status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: not found summary: Tyk Revoke All Client's Tokens tags: - OAuth x-microcks-operation: delay: 0 dispatcher: FALLBACK /tyk/oauth/tokens: delete: description: Purge all lapsed OAuth token operationId: purgeLapsedOAuthTokens parameters: - description: purge lapsed tokens example: lapsed in: query name: scope required: true schema: enum: - lapsed type: string responses: '200': content: application/json: example: message: lapsed tokens purged status: ok schema: $ref: '#/components/schemas/ApiStatusMessage' description: lapsed tokens purged successfully '400': content: application/json: example: message: unknown scope status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Sending a value other than lapsed in scope query '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '422': content: application/json: example: message: scope parameter is required status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Missing lapsed query parameter '500': content: application/json: example: message: error purging lapsed tokens status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Internal server error. summary: Tyk Purge Lapsed Oauth Tokens tags: - OAuth x-microcks-operation: delay: 0 dispatcher: FALLBACK /tyk/org/keys: get: description: >- You can now set rate limits at the organisation level by using the following fields - allowance and rate. These are the number of allowed requests for the specified per value, and need to be set to the same value. If you don't want to have organisation level rate limiting, set 'rate' or 'per' to zero, or don't add them to your request. operationId: listOrgKeys parameters: - description: >- Retrieves all keys starting with the specified filter(filter is a prefix - e.g. default* or default will return all keys starting with default like defaultbd,defaulttwo etc).We don't use filter for hashed keys example: default* in: query name: filter required: false schema: type: string responses: '200': content: application/json: example: keys: - 5e9d9544a1dcd60001d0ed2008500e44fa644f939b640a4b8b4ea58c schema: $ref: '#/components/schemas/ApiAllKeys' description: List of all org keys '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '404': content: application/json: example: message: ORG not found status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: ORG not found summary: Tyk List Organisation Keys tags: - Organisation Quotas x-microcks-operation: delay: 0 dispatcher: FALLBACK /tyk/org/keys/{keyID}: delete: description: >- Deleting a key will remove all limits from organisation. It does not affects regular keys created within organisation. operationId: deleteOrgKey parameters: - description: The Key ID example: e389ae00a2b145feaf28d6cc11f0f86d in: path name: keyID required: true schema: type: string responses: '200': content: application/json: example: action: deleted key: e389ae00a2b145feaf28d6cc11f0f86d status: ok schema: $ref: '#/components/schemas/ApiModifyKeySuccess' description: OK '400': content: application/json: example: message: Failed to remove the key status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Bad Request '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '404': content: application/json: example: message: Org not found status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Org not found summary: Tyk Delete Key tags: - Organisation Quotas x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: >- Get session info about specified organisation key. Should return up to date rate limit and quota usage numbers. operationId: getOrgKey parameters: - description: The Org ID example: 664a14650619d40001f1f00f in: query name: orgID required: false schema: type: string - description: The Key ID example: e389ae00a2b145feaf28d6cc11f0f86d in: path name: keyID required: true schema: type: string responses: '200': content: application/json: example: access_rights: itachi-api: allowed_urls: - methods: - GET url: /users api_id: 8ddd91f3cda9453442c477b06c4e2da4 api_name: Itachi api limit: per: 60 quota_max: 10000 quota_remaining: 10000 quota_renewal_rate: 3600 rate: 1000 throttle_interval: 10 throttle_retry_limit: 10 versions: - Default alias: portal-key allowance: 1000 apply_policies: - 5ead7120575961000181867e date_created: '2024-08-09T14:40:34.87614+03:00' enable_detailed_recording: true last_updated: '1723203634' meta_data: new-update-key-sample: update-key-sample tyk_developer_id: 62b3fb9a1d5e4f00017226f5 update: sample policy update user_type: mobile_user org_id: 5e9d9544a1dcd60001d0ed20 per: 60 quota_max: 10000 quota_renewal_rate: 3600 quota_renews: 1723207234 rate: 1000 tags: - security - edge - edge-eu throttle_interval: 10 throttle_retry_limit: 10 schema: properties: access_rights: additionalProperties: properties: allowed_urls: items: properties: methods: items: type: string nullable: true type: array url: type: string type: object nullable: true type: array api_id: type: string api_name: type: string limit: properties: per: type: integer quota_max: type: integer quota_remaining: type: integer quota_renewal_rate: type: integer rate: type: integer throttle_interval: type: integer throttle_retry_limit: type: integer type: object versions: items: type: string nullable: true type: array type: object nullable: true type: object alias: type: string allowance: type: integer apply_policies: items: type: string nullable: true type: array date_created: format: date-time type: string enable_detailed_recording: type: boolean last_updated: type: string meta_data: additionalProperties: type: string nullable: true type: object org_id: type: string per: type: integer quota_max: type: integer quota_renewal_rate: type: integer quota_renews: type: integer rate: type: integer tags: items: type: string nullable: true type: array throttle_interval: type: integer throttle_retry_limit: type: integer type: object description: OK '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '404': content: application/json: example: message: Org not found status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Org not found summary: Tyk Get an Organisation Key tags: - Organisation Quotas x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: >- This work similar to Keys API except that Key ID is always equals Organisation ID operationId: addOrgKey parameters: - description: The Key ID example: e389ae00a2b145feaf28d6cc11f0f86d in: path name: keyID required: true schema: type: string - description: >- Adding the reset_quota parameter and setting it to 1, will cause Tyk reset the organisations quota in the live quota manager, it is recommended to use this mechanism to reset organisation-level access if a monthly subscription is in place. example: '1' in: query name: reset_quota required: false schema: enum: - '1' type: string requestBody: content: application/json: example: access_rights: itachi-api: allowed_urls: - methods: - GET url: /users api_id: 8ddd91f3cda9453442c477b06c4e2da4 api_name: Itachi api limit: per: 60 quota_max: 10000 quota_remaining: 10000 quota_renewal_rate: 3600 rate: 1000 throttle_interval: 10 throttle_retry_limit: 10 versions: - Default alias: portal-key allowance: 1000 apply_policies: - 5ead7120575961000181867e date_created: '2024-08-09T14:40:34.87614+03:00' enable_detailed_recording: true last_updated: '1723203634' meta_data: new-update-key-sample: update-key-sample tyk_developer_id: 62b3fb9a1d5e4f00017226f5 update: sample policy update user_type: mobile_user org_id: 5e9d9544a1dcd60001d0ed20 per: 60 quota_max: 10000 quota_renewal_rate: 3600 quota_renews: 1723207234 rate: 1000 tags: - security - edge - edge-eu throttle_interval: 10 throttle_retry_limit: 10 schema: $ref: '#/components/schemas/SessionState' responses: '200': content: application/json: example: action: added key: e389ae00a2b145feaf28d6cc11f0f86d status: ok schema: $ref: '#/components/schemas/ApiModifyKeySuccess' description: OK '400': content: application/json: example: message: Request malformed status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Bad Request '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '404': content: application/json: example: message: No such organisation found in Active API list status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Not Found '500': content: application/json: example: message: 'Error writing to key store ' status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Internal server error. summary: Tyk Create an Organisation Key tags: - Organisation Quotas x-microcks-operation: delay: 0 dispatcher: FALLBACK put: description: >- This work similar to Keys API except that Key ID is always equals Organisation ID For Gateway v2.6.0 onwards, you can now set rate limits at the organisation level by using the following fields - allowance and rate. These are the number of allowed requests for the specified per value, and need to be set to the same value. If you don't want to have organisation level rate limiting, set `rate` or `per` to zero, or don't add them to your request. operationId: updateOrgKey parameters: - description: >- Adding the reset_quota parameter and setting it to 1, will cause Tyk reset the organisations quota in the live quota manager, it is recommended to use this mechanism to reset organisation-level access if a monthly subscription is in place. example: '1' in: query name: reset_quota required: false schema: enum: - '1' type: string - description: The Key ID example: e389ae00a2b145feaf28d6cc11f0f86d in: path name: keyID required: true schema: type: string requestBody: content: application/json: example: access_rights: itachi-api: allowed_urls: - methods: - GET url: /users api_id: 8ddd91f3cda9453442c477b06c4e2da4 api_name: Itachi api limit: per: 60 quota_max: 10000 quota_remaining: 10000 quota_renewal_rate: 3600 rate: 1000 throttle_interval: 10 throttle_retry_limit: 10 versions: - Default alias: portal-key allowance: 1000 apply_policies: - 5ead7120575961000181867e date_created: '2024-08-09T14:40:34.87614+03:00' enable_detailed_recording: true last_updated: '1723203634' meta_data: new-update-key-sample: update-key-sample tyk_developer_id: 62b3fb9a1d5e4f00017226f5 update: sample policy update user_type: mobile_user org_id: 5e9d9544a1dcd60001d0ed20 per: 60 quota_max: 10000 quota_renewal_rate: 3600 quota_renews: 1723207234 rate: 1000 tags: - security - edge - edge-eu - update-sample-tag throttle_interval: 10 throttle_retry_limit: 10 schema: $ref: '#/components/schemas/SessionState' responses: '200': content: application/json: schema: $ref: '#/components/schemas/ApiModifyKeySuccess' description: OK '400': content: application/json: example: message: Request malformed status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Bad Request '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '404': content: application/json: example: message: No such organisation found in Active API list status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Not Found '500': content: application/json: example: message: 'Error writing to key store ' status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Internal server error. summary: Tyk Update Organisation Key tags: - Organisation Quotas x-microcks-operation: delay: 0 dispatcher: FALLBACK /tyk/policies: get: description: >- Retrieve all the policies in your Tyk instance. Returns an array policies. operationId: listPolicies responses: '200': content: application/json: examples: policiesExample: $ref: '#/components/examples/policiesExample' schema: items: $ref: '#/components/schemas/Policy' type: array description: List of all policies. '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden summary: Tyk List Policies. tags: - Policies x-microcks-operation: delay: 0 dispatcher: FALLBACK post: description: Create a policy in your Tyk Instance. operationId: addPolicy requestBody: content: application/json: example: access_rights: itachi-api: allowed_urls: - methods: - GET url: /users api_id: 8ddd91f3cda9453442c477b06c4e2da4 api_name: Itachi api disable_introspection: false versions: - Default active: true hmac_enabled: false id: 5ead7120575961000181867e is_inactive: false key_expires_in: 2592000 max_query_depth: -1 meta_data: update: sample policy update user_type: mobile_user name: Sample policy partitions: acl: true complexity: false per_api: false quota: true rate_limit: true per: 60 quota_max: 10000 quota_renewal_rate: 3600 rate: 1000 tags: - security throttle_interval: 10 throttle_retry_limit: 10 schema: $ref: '#/components/schemas/Policy' responses: '200': content: application/json: example: action: added key: 5ead7120575961000181867e status: ok schema: $ref: '#/components/schemas/ApiModifyKeySuccess' description: Policy created. '400': content: application/json: example: message: Request malformed status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Malformed request. '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '500': content: application/json: example: message: >- Due to enabled service policy source, please use the Dashboard API. status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Internal server error. summary: Tyk Create a Policy. tags: - Policies x-microcks-operation: delay: 0 dispatcher: FALLBACK /tyk/policies/{polID}: delete: description: Delete a policy by ID in your Tyk instance. operationId: deletePolicy parameters: - description: >- You can retrieve details of a single policy by ID in your Tyk instance. example: 5ead7120575961000181867e in: path name: polID required: true schema: type: string responses: '200': content: application/json: example: action: deleted key: 5ead7120575961000181867e status: ok schema: $ref: '#/components/schemas/ApiModifyKeySuccess' description: Deleted policy by ID '400': content: application/json: example: message: Must specify an apiID to update status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Policy Id not provided '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '500': content: application/json: example: message: Delete failed status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Internal server error. summary: Tyk Delete a Policy. tags: - Policies x-microcks-operation: delay: 0 dispatcher: FALLBACK get: description: You can retrieve details of a single policy by ID in your Tyk instance. operationId: getPolicy parameters: - description: >- You can retrieve details of a single policy by ID in your Tyk instance. example: 5ead7120575961000181867e in: path name: polID required: true schema: type: string responses: '200': content: application/json: example: access_rights: itachi-api: allowed_urls: - methods: - GET url: /users api_id: 8ddd91f3cda9453442c477b06c4e2da4 api_name: Itachi api disable_introspection: false versions: - Default active: true hmac_enabled: false id: 5ead7120575961000181867e is_inactive: false key_expires_in: 2592000 max_query_depth: -1 meta_data: update: sample policy update user_type: mobile_user name: Sample policy partitions: acl: true complexity: false per_api: false quota: true rate_limit: true per: 60 quota_max: 10000 quota_renewal_rate: 3600 rate: 1000 tags: - security throttle_interval: 10 throttle_retry_limit: 10 schema: $ref: '#/components/schemas/Policy' description: Get details of a single policy. '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '404': content: application/json: example: message: Policy not found status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Policy not found summary: Tyk Get a Policy. tags: - Policies x-microcks-operation: delay: 0 dispatcher: FALLBACK put: description: You can update a Policy in your Tyk Instance by ID. operationId: updatePolicy parameters: - description: >- You can retrieve details of a single policy by ID in your Tyk instance. example: 5ead7120575961000181867e in: path name: polID required: true schema: type: string requestBody: content: application/json: example: access_rights: itachi-api: allowed_urls: - methods: - GET url: /users api_id: 8ddd91f3cda9453442c477b06c4e2da4 api_name: Itachi api disable_introspection: false versions: - Default active: true hmac_enabled: false id: 5ead7120575961000181867e is_inactive: false key_expires_in: 2592000 max_query_depth: -1 meta_data: update: sample policy update user_type: mobile_user name: update policy sample partitions: acl: true complexity: false per_api: false quota: true rate_limit: true per: 60 quota_max: 10000 quota_renewal_rate: 3600 rate: 1000 tags: - security throttle_interval: 10 throttle_retry_limit: 10 schema: $ref: '#/components/schemas/Policy' responses: '200': content: application/json: example: action: modified key: 5ead7120575961000181867e status: ok schema: $ref: '#/components/schemas/ApiModifyKeySuccess' description: Policy updated '400': content: application/json: example: message: Request malformed status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: malformed request '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '500': content: application/json: example: message: Failed to create file! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Internal server error. summary: Tyk Update a Policy. tags: - Policies x-microcks-operation: delay: 0 dispatcher: FALLBACK /tyk/reload: get: description: >- Tyk is capable of reloading configurations without having to stop serving requests. This means that API configurations can be added at runtime, or even modified at runtime and those rules applied immediately without any downtime. operationId: hotReload parameters: - description: >- Block a response until the reload is performed. This can be useful in scripting environments like CI/CD workflows. example: false in: query name: block required: false schema: enum: - true - false type: boolean responses: '200': content: application/json: example: message: '' status: ok schema: $ref: '#/components/schemas/ApiStatusMessage' description: Reload gateway. '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden summary: Tyk Hot-reload a Single Node. tags: - Hot Reload x-microcks-operation: delay: 0 dispatcher: FALLBACK /tyk/reload/group: get: description: >- To reload a whole group of Tyk nodes (without using the Dashboard or host manager). You can send an API request to a single node, this node will then send a notification through the pub/sub infrastructure to all other listening nodes (including the host manager if it is being used to manage Nginx) which will then trigger a global reload. operationId: hotReloadGroup responses: '200': content: application/json: example: message: '' status: ok schema: $ref: '#/components/schemas/ApiStatusMessage' description: Reload the Tyk Gateway. '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden summary: Hot-reload a Group of Tyk Nodes. tags: - Hot Reload x-microcks-operation: delay: 0 dispatcher: FALLBACK /{listen_path}/tyk/batch: post: description: Endpoint to run batch request. operationId: batch parameters: - description: API listen path example: get in: path name: listen_path required: true schema: type: string requestBody: content: application/json: example: requests: - body: '' headers: authorization: 1dbc83b9c431649d7698faa9797e2900f x-tyk-test: '1' x-tyk-version: '1.2' method: GET relative_url: get - body: '' headers: authorization: 1dbc83b9c431649d7698faa9797e2900f x-tyk-test: '2' x-tyk-version: '1.2' method: GET relative_url: get suppress_parallel_execution: false schema: $ref: '#/components/schemas/BatchRequestStructure' responses: '200': content: application/json: example: - body: '{"message": "success"}' code: 200 headers: Access-Control-Allow-Credentials: - 'true' Content-Type: - application/json relative_url: get schema: items: $ref: '#/components/schemas/BatchReplyUnit' type: array description: Success. '400': content: application/json: example: message: Batch request malformed status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Bad Request '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden summary: Tyk Run Batch Request. tags: - Batch Requests x-microcks-operation: delay: 0 dispatcher: FALLBACK /tyk/schema: get: description: Get OAS schema definition using a version. operationId: getSchema parameters: - description: The OAS version to fetch. example: 3.0.3 in: query name: oasVersion required: false schema: type: string responses: '200': content: application/json: example: message: '' status: Success schema: $ref: '#/components/schemas/OASSchemaResponse' description: OAS schema response. '403': content: application/json: example: message: Attempted administrative access with invalid or missing key! status: error schema: $ref: '#/components/schemas/ApiStatusMessage' description: Forbidden '404': content: application/json: example: message: Schema not found for version "4" status: Failed schema: $ref: '#/components/schemas/OASSchemaResponse' description: Version not found summary: Tyk Get Oas Schema. tags: - Schema x-microcks-operation: delay: 0 dispatcher: FALLBACK components: examples: certIdList: value: certs: - >- 5e9d9544a1dcd60001d0ed20a6ab77653d5da938f452bb8cc9b55b0630a6743dabd8dc92bfb025abb09ce035 - >- 5e9d9544a1dcd60001d0ed207c440d66ebb0a4629d21329808dce9091acf5f2fde328067a6e60e5347271d90 certificateBasicList: value: certs: - dns_names: - example.com - www.example.com has_private: true id: >- 5e9d9544a1dcd60001d0ed20a6ab77653d5da938f452bb8cc9b55b0630a6743dabd8dc92bfb025abb09ce035 is_ca: false issuer_cn: Issuer 1 not_after: '2024-01-01T00:00:00Z' not_before: '2023-01-01T00:00:00Z' subject_cn: Subject 1 - dns_names: - example.org - www.example.org has_private: false id: >- 5e9d9544a1dcd60001d0ed207c440d66ebb0a4629d21329808dce9091acf5f2fde328067a6e60e5347271d90 is_ca: true issuer_cn: Issuer 2 not_after: '2024-02-01T00:00:00Z' not_before: '2023-02-01T00:00:00Z' subject_cn: Subject 2 certificateMetaExample: value: dns_names: - .*tyk.io fingerprint: 7c440d66ebb0a4629d21329808dce9091acf5f2fde328067a6e60e5347271d90 has_private: false id: >- 5e9d9544a1dcd60001d0ed207c440d66ebb0a4629d21329808dce9091acf5f2fde328067a6e60e5347271d90 is_ca: false issuer: CommonName: tyk.io Country: - Peachtree ExtraNames: Locality: Names: - Type: - 2 - 5 - 4 - 6 Value: Peachtree - Type: - 2 - 5 - 4 - 10 Value: tyk - Type: - 2 - 5 - 4 - 11 Value: tyk - Type: - 2 - 5 - 4 - 3 Value: tyk.io - Type: - 1 - 2 - 840 - 113549 - 1 - 9 - 1 Value: support@tyk.io Organization: - tyk OrganizationalUnit: - tyk PostalCode: Province: SerialNumber: '' StreetAddress: not_after: '2034-03-26T08:46:37Z' not_before: '2024-03-25T08:46:37Z' subject: CommonName: tyk.io Country: - Peachtree ExtraNames: Locality: Names: - Type: - 2 - 5 - 4 - 6 Value: Peachtree - Type: - 2 - 5 - 4 - 10 Value: tyk - Type: - 2 - 5 - 4 - 11 Value: tyk - Type: - 2 - 5 - 4 - 3 Value: tyk.io - Type: - 1 - 2 - 840 - 113549 - 1 - 9 - 1 Value: support@tyk.io Organization: - tyk OrganizationalUnit: - tyk PostalCode: Province: SerialNumber: '' StreetAddress: certificateMetaListExample: value: - dns_names: - .*tyk.io fingerprint: 7c440d66ebb0a4629d21329808dce9091acf5f2fde328067a6e60e5347271d90 has_private: false id: >- 5e9d9544a1dcd60001d0ed207c440d66ebb0a4629d21329808dce9091acf5f2fde328067a6e60e5347271d90 is_ca: false issuer: CommonName: tyk.io Country: - Peachtree ExtraNames: Locality: Names: - Type: - 2 - 5 - 4 - 6 Value: Peachtree - Type: - 2 - 5 - 4 - 10 Value: tyk - Type: - 2 - 5 - 4 - 11 Value: tyk - Type: - 2 - 5 - 4 - 3 Value: tyk.io - Type: - 1 - 2 - 840 - 113549 - 1 - 9 - 1 Value: support@tyk.io Organization: - tyk OrganizationalUnit: - tyk PostalCode: Province: SerialNumber: '' StreetAddress: not_after: '2034-03-26T08:46:37Z' not_before: '2024-03-25T08:46:37Z' subject: CommonName: tyk.io Country: - Peachtree ExtraNames: Locality: Names: - Type: - 2 - 5 - 4 - 6 Value: Peachtree - Type: - 2 - 5 - 4 - 10 Value: tyk - Type: - 2 - 5 - 4 - 11 Value: tyk - Type: - 2 - 5 - 4 - 3 Value: tyk.io - Type: - 1 - 2 - 840 - 113549 - 1 - 9 - 1 Value: support@tyk.io Organization: - tyk OrganizationalUnit: - tyk PostalCode: Province: SerialNumber: '' StreetAddress: oasExample: value: components: securitySchemes: bearerAuth: description: The API Access Credentials scheme: bearer type: http info: description: This is a sample OAS. title: OAS Sample version: 1.0.0 openapi: 3.0.3 paths: /api/sample/users: get: operationId: getUsers responses: '200': content: application/json: schema: items: properties: name: type: string type: object type: array description: fetched users summary: Get users tags: - users security: - bearerAuth: [] servers: - url: https://localhost:8080 x-tyk-api-gateway: info: name: user state: active: true server: listenPath: strip: true value: /user-test/ upstream: url: https://localhost:8080 oasExampleList: value: - components: securitySchemes: bearerAuth: description: The API Access Credentials scheme: bearer type: http info: description: This is a sample OAS. title: OAS Sample version: 1.0.0 openapi: 3.0.3 paths: /api/sample/users: get: operationId: getUsers responses: '200': content: application/json: schema: items: properties: name: type: string type: object type: array description: fetched users summary: Get users tags: - users security: - bearerAuth: [] servers: - url: https://localhost:8080 x-tyk-api-gateway: info: name: user state: active: true server: listenPath: strip: true value: /user-test/ upstream: url: https://localhost:8080 paginatedTokenExample: value: Pagination: page_num: 1 page_size: 100 page_total: 0 Tokens: - code: 5a7d110be6355b0c071cc339327563cb45174ae387f52f87a80d2496 expires: 1518158407 - code: 5a7d110be6355b0c071cc33988884222b0cf436eba7979c6c51d6dbd expires: 1518158594 - code: 5a7d110be6355b0c071cc33990bac8b5261041c5a7d585bff291fec4 expires: 1518158638 - code: 5a7d110be6355b0c071cc339a66afe75521f49388065a106ef45af54 expires: 1518159792 policiesExample: value: - _id: '' access_rights: 8ddd91f3cda9453442c477b06c4e2da4: allowance_scope: '' allowed_types: [] allowed_urls: - methods: - GET url: /users api_id: 8ddd91f3cda9453442c477b06c4e2da4 api_name: Itachi api disable_introspection: false field_access_rights: [] limit: max_query_depth: 0 per: 0 quota_max: 0 quota_remaining: 0 quota_renewal_rate: 0 quota_renews: 0 rate: 0 smoothing: delay: 30 enabled: false step: 100 threshold: 500 trigger: 0.8 throttle_interval: 0 throttle_retry_limit: 0 restricted_types: [] versions: - Default active: true enable_http_signature_validation: false graphql_access_rights: hmac_enabled: false id: 5ead7120575961000181867e is_inactive: false key_expires_in: 2592000 last_updated: '1716980105' max_query_depth: -1 meta_data: user_type: mobile_user name: Sample policy org_id: 664a14650619d40001f1f00f partitions: acl: true complexity: false per_api: false quota: true rate_limit: true per: 60 quota_max: 10000 quota_renewal_rate: 3600 rate: 1000 smoothing: delay: 30 enabled: false step: 100 threshold: 500 trigger: 0.8 tags: - security throttle_interval: 10 throttle_retry_limit: 10 tokenListExample: value: - code: 5a7d110be6355b0c071cc339327563cb45174ae387f52f87a80d2496 expires: 1518158407 - code: 5a7d110be6355b0c071cc33988884222b0cf436eba7979c6c51d6dbd expires: 1518158594 - code: 5a7d110be6355b0c071cc33990bac8b5261041c5a7d585bff291fec4 expires: 1518158638 - code: 5a7d110be6355b0c071cc339a66afe75521f49388065a106ef45af54 expires: 1518159792 parameters: AccessType: description: Filter for internal or external API versions example: internal in: query name: accessType required: false schema: enum: - internal - external type: string AllowList: description: Enable allowList middleware for all endpoints in: query name: allowList required: false schema: $ref: '#/components/schemas/BooleanQueryParam' Authentication: description: >- Enable/disable the authentication mechanism in your Tyk Gateway for your OAS API in: query name: authentication schema: $ref: '#/components/schemas/BooleanQueryParam' CustomDomain: description: Custom domain for the API example: tyk.io in: query name: customDomain required: false schema: type: string ListenPath: description: Listen path for the API example: /user-test/ in: query name: listenPath required: false schema: type: string MockResponse: description: >- Enable mockResponse middleware for all endpoints having responses configured. in: query name: mockResponse required: false schema: $ref: '#/components/schemas/BooleanQueryParam' SearchText: description: Search for API version name example: Sample oas in: query name: searchText required: false schema: type: string UpstreamURL: description: Upstream URL for the API example: https://localhost:8080 in: query name: upstreamURL required: false schema: type: string ValidateRequest: description: >- Enable validateRequest middleware for all endpoints having a request body with media type application/json in: query name: validateRequest required: false schema: $ref: '#/components/schemas/BooleanQueryParam' schemas: APIAllCertificateBasics: properties: certs: items: $ref: '#/components/schemas/CertsCertificateBasics' nullable: true type: array example: [] type: object APIAllCertificates: properties: certs: items: type: string nullable: true type: array example: [] type: object APICertificateStatusMessage: properties: id: example: >- 5e9d9544a1dcd60001d0ed207c440d66ebb0a4629d21329808dce9091acf5f2fde328067a6e60e5347271d90 type: string message: example: Certificate added type: string status: example: ok type: string type: object APIDefinition: properties: CORS: $ref: '#/components/schemas/CORSConfig' active: type: boolean example: true allowed_ips: items: type: string nullable: true type: array example: [] analytics_plugin: $ref: '#/components/schemas/AnalyticsPluginConfig' api_id: type: string example: '500123' auth: $ref: '#/components/schemas/AuthConfig' auth_configs: additionalProperties: $ref: '#/components/schemas/AuthConfig' nullable: true type: object example: example_value auth_provider: $ref: '#/components/schemas/AuthProviderMeta' base_identity_provided_by: type: string example: example_value basic_auth: properties: body_password_regexp: type: string body_user_regexp: type: string cache_ttl: type: integer disable_caching: type: boolean extract_from_body: type: boolean type: object example: example_value blacklisted_ips: items: type: string nullable: true type: array example: [] cache_options: $ref: '#/components/schemas/CacheOptions' certificate_pinning_disabled: type: boolean example: true certificates: items: type: string nullable: true type: array example: [] client_certificates: items: type: string nullable: true type: array example: [] config_data: additionalProperties: {} nullable: true type: object example: example_value config_data_disabled: type: boolean example: true custom_middleware: $ref: '#/components/schemas/MiddlewareSection' custom_middleware_bundle: type: string example: example_value custom_middleware_bundle_disabled: type: boolean example: true custom_plugin_auth_enabled: type: boolean example: true definition: $ref: '#/components/schemas/VersionDefinition' detailed_tracing: type: boolean example: true disable_quota: type: boolean example: true disable_rate_limit: type: boolean example: true do_not_track: type: boolean example: true domain: type: string example: example_value domain_disabled: type: boolean example: true dont_set_quota_on_create: type: boolean example: true enable_batch_request_support: type: boolean example: true enable_context_vars: type: boolean example: true enable_coprocess_auth: type: boolean example: true enable_detailed_recording: type: boolean example: true enable_ip_blacklisting: type: boolean example: true enable_ip_whitelisting: type: boolean example: true enable_jwt: type: boolean example: true enable_proxy_protocol: type: boolean example: true enable_signature_checking: type: boolean example: true event_handlers: $ref: '#/components/schemas/EventHandlerMetaConfig' expiration: type: string example: example_value expire_analytics_after: type: integer example: 10 external_oauth: $ref: '#/components/schemas/ExternalOAuth' global_rate_limit: $ref: '#/components/schemas/GlobalRateLimit' graphql: $ref: '#/components/schemas/GraphQLConfig' hmac_allowed_algorithms: items: type: string nullable: true type: array example: [] hmac_allowed_clock_skew: type: number example: 42.5 id: type: string example: abc123 idp_client_id_mapping_disabled: type: boolean example: true internal: type: boolean example: true is_oas: type: boolean example: true jwt_client_base_field: type: string example: example_value jwt_default_policies: items: type: string nullable: true type: array example: [] jwt_expires_at_validation_skew: minimum: 0 type: integer example: 10 jwt_identity_base_field: type: string example: example_value jwt_issued_at_validation_skew: minimum: 0 type: integer example: 10 jwt_not_before_validation_skew: minimum: 0 type: integer example: 10 jwt_policy_field_name: type: string example: example_value jwt_scope_claim_name: type: string example: example_value jwt_scope_to_policy_mapping: additionalProperties: type: string nullable: true type: object example: example_value jwt_signing_method: type: string example: example_value jwt_skip_kid: type: boolean example: '500123' jwt_source: type: string example: example_value listen_port: type: integer example: 10 name: type: string example: Example Title notifications: $ref: '#/components/schemas/NotificationsManager' oauth_meta: properties: allowed_access_types: items: type: string nullable: true type: array allowed_authorize_types: items: type: string nullable: true type: array auth_login_redirect: type: string type: object example: example_value openid_options: $ref: '#/components/schemas/OpenIDOptions' org_id: type: string example: '500123' pinned_public_keys: additionalProperties: type: string nullable: true type: object example: example_value protocol: type: string example: example_value proxy: $ref: '#/components/schemas/ProxyConfig' request_signing: $ref: '#/components/schemas/RequestSigningMeta' response_processors: items: $ref: '#/components/schemas/ResponseProcessor' nullable: true type: array example: [] scopes: $ref: '#/components/schemas/Scopes' session_lifetime: type: integer example: 10 session_lifetime_respects_key_expiration: type: boolean example: true session_provider: $ref: '#/components/schemas/SessionProviderMeta' slug: type: string example: example_value strip_auth_data: type: boolean example: true tag_headers: items: type: string nullable: true type: array example: [] tags: example: - Default - v1 items: type: string nullable: true type: array tags_disabled: type: boolean example: true upstream_certificates: additionalProperties: type: string nullable: true type: object example: example_value upstream_certificates_disabled: type: boolean example: true uptime_tests: $ref: '#/components/schemas/UptimeTests' use_basic_auth: type: boolean example: true use_go_plugin_auth: type: boolean example: true use_keyless: type: boolean example: true use_mutual_tls_auth: type: boolean example: true use_oauth2: type: boolean example: true use_openid: type: boolean example: '500123' use_standard_auth: type: boolean example: true version_data: $ref: '#/components/schemas/VersionData' type: object APILimit: properties: max_query_depth: type: integer example: 10 per: type: number example: 42.5 quota_max: type: integer example: 10 quota_remaining: type: integer example: 10 quota_renewal_rate: type: integer example: 10 quota_renews: type: integer example: 10 rate: type: number example: 42.5 smoothing: $ref: '#/components/schemas/RateLimitSmoothing' throttle_interval: type: number example: 42.5 throttle_retry_limit: type: integer example: 10 type: object AccessDefinition: properties: allowance_scope: example: d371b83b249845a2497ab9a947fd6210 type: string allowed_types: items: $ref: '#/components/schemas/GraphqlType' nullable: true type: array example: [] allowed_urls: items: $ref: '#/components/schemas/AccessSpec' nullable: true type: array example: https://www.example.com api_id: example: d1dfc6a927a046c54c0ed470f19757cc type: string api_name: example: Rate Limit Proxy API type: string disable_introspection: example: false type: boolean endpoints: $ref: '#/components/schemas/Endpoints' field_access_rights: items: $ref: '#/components/schemas/FieldAccessDefinition' nullable: true type: array example: [] limit: $ref: '#/components/schemas/APILimit' restricted_types: items: $ref: '#/components/schemas/GraphqlType' nullable: true type: array example: [] versions: example: - Default - v2 items: type: string nullable: true type: array type: object AccessSpec: properties: methods: example: - GET - POST - DELETE - PUT items: type: string nullable: true type: array url: example: anything/rate-limit-1-per-5 type: string type: object Allowance: properties: enabled: type: boolean example: true ignoreCase: type: boolean example: true type: object AnalyticsPluginConfig: properties: enable: type: boolean example: true func_name: type: string example: example_value plugin_path: type: string example: example_value type: object ApiAllKeys: properties: keys: items: type: string nullable: true type: array example: [] type: object ApiModifyKeySuccess: properties: action: example: modified type: string key: example: b13d928b9972bd18 type: string key_hash: type: string example: example_value status: example: ok type: string type: object ApiStatusMessage: properties: message: type: string example: example_value status: type: string example: example_value type: object AuthConfig: properties: auth_header_name: example: Authorization type: string cookie_name: type: string example: example_value disable_header: type: boolean example: true name: type: string example: Example Title param_name: type: string example: example_value signature: $ref: '#/components/schemas/SignatureConfig' use_certificate: type: boolean example: true use_cookie: type: boolean example: true use_param: type: boolean example: true validate_signature: type: boolean example: true type: object AuthProviderMeta: properties: meta: additionalProperties: {} nullable: true type: object example: example_value name: type: string example: Example Title storage_engine: type: string example: example_value type: object AuthSource: properties: enabled: type: boolean example: true name: type: string example: Example Title type: object AuthSources: properties: cookie: $ref: '#/components/schemas/AuthSource' header: $ref: '#/components/schemas/AuthSource' query: $ref: '#/components/schemas/AuthSource' type: object Authentication: properties: baseIdentityProvider: type: string example: example_value custom: $ref: '#/components/schemas/CustomPluginAuthentication' enabled: type: boolean example: true hmac: $ref: '#/components/schemas/HMAC' oidc: $ref: '#/components/schemas/OIDC' securitySchemes: $ref: '#/components/schemas/SecuritySchemes' stripAuthorizationData: type: boolean example: true type: object AuthenticationPlugin: properties: enabled: type: boolean example: true functionName: type: string example: example_value idExtractor: $ref: '#/components/schemas/IDExtractor' path: type: string example: example_value rawBodyOnly: type: boolean example: true type: object BasicAuthData: properties: hash_type: type: string example: example_value password: type: string example: example_value type: object BatchReplyUnit: properties: body: type: string example: example_value code: type: integer example: 10 headers: $ref: '#/components/schemas/HttpHeader' relative_url: type: string example: https://www.example.com type: object BatchRequestStructure: properties: requests: items: $ref: '#/components/schemas/RequestDefinition' nullable: true type: array example: [] suppress_parallel_execution: type: boolean example: true type: object RequestDefinition: properties: body: type: string example: example_value headers: additionalProperties: type: string nullable: true type: object example: example_value method: type: string example: example_value relative_url: type: string example: https://www.example.com type: object BooleanQueryParam: enum: - true - false example: true type: boolean CORS: properties: allowCredentials: type: boolean example: true allowedHeaders: items: type: string type: array example: [] allowedMethods: items: type: string type: array example: [] allowedOrigins: items: type: string type: array example: [] debug: type: boolean example: true enabled: type: boolean example: true exposedHeaders: items: type: string type: array example: [] maxAge: type: integer example: 10 optionsPassthrough: type: boolean example: true type: object CORSConfig: properties: allow_credentials: example: false type: boolean allowed_headers: example: - Origin - Accept - Content-Type - Authorization items: type: string nullable: true type: array allowed_methods: example: - GET - HEAD - POST items: type: string nullable: true type: array allowed_origins: example: - https://*.foo.com items: type: string nullable: true type: array debug: example: true type: boolean enable: example: false type: boolean exposed_headers: example: - Accept - Content-Type items: type: string nullable: true type: array max_age: example: 24 type: integer options_passthrough: example: false type: boolean type: object Cache: properties: cacheAllSafeRequests: type: boolean example: true cacheByHeaders: items: type: string type: array example: [] cacheResponseCodes: items: type: integer type: array example: [] controlTTLHeaderName: type: string example: example_value enableUpstreamCacheControl: type: boolean example: true enabled: type: boolean example: true timeout: type: integer example: 10 type: object CacheMeta: properties: cache_key_regex: type: string example: example_value cache_response_codes: items: type: integer nullable: true type: array example: [] disabled: type: boolean example: true method: type: string example: example_value path: type: string example: example_value timeout: format: int64 type: integer example: 10 type: object CacheOptions: properties: cache_all_safe_requests: example: false type: boolean cache_by_headers: items: type: string nullable: true type: array example: [] cache_control_ttl_header: type: string example: example_value cache_response_codes: items: type: integer nullable: true type: array example: [] cache_timeout: example: 60 format: int64 type: integer enable_cache: example: true type: boolean enable_upstream_cache_control: example: false type: boolean type: object CachePlugin: properties: cacheByRegex: type: string example: example_value cacheResponseCodes: items: type: integer type: array example: [] enabled: type: boolean example: true timeout: type: integer example: 10 type: object CertificatePinning: properties: domainToPublicKeysMapping: $ref: '#/components/schemas/PinnedPublicKeys' enabled: type: boolean example: true type: object CertsCertificateBasics: properties: dns_names: items: type: string nullable: true type: array example: [] has_private: type: boolean example: true id: type: string example: abc123 is_ca: type: boolean example: true issuer_cn: type: string example: example_value not_after: format: date-time type: string example: '2026-01-15T10:30:00Z' not_before: format: date-time type: string example: '2026-01-15T10:30:00Z' subject_cn: type: string example: example_value type: object CertsCertificateMeta: properties: dns_names: example: - .*tyk.io items: type: string type: array fingerprint: example: 7c440d66ebb0a4629d21329808dce9091acf5f2fde328067a6e60e5347271d90 type: string has_private: example: false type: boolean id: example: >- 5e9d9544a1dcd60001d0ed207c440d66ebb0a4629d21329808dce9091acf5f2fde328067a6e60e5347271d90 type: string is_ca: type: boolean example: true issuer: $ref: '#/components/schemas/PkixName' not_after: example: '2034-03-26T08:46:37Z' format: date-time type: string not_before: example: '2024-03-25T08:46:37Z' format: date-time type: string subject: $ref: '#/components/schemas/PkixName' type: object CheckCommand: properties: message: type: string example: example_value name: type: string example: Example Title type: object CircuitBreaker: properties: coolDownPeriod: type: integer example: 10 enabled: type: boolean example: true halfOpenStateEnabled: type: boolean example: true sampleSize: type: integer example: 10 threshold: type: number example: 42.5 type: object CircuitBreakerMeta: properties: disable_half_open_state: type: boolean example: true disabled: type: boolean example: true method: type: string example: example_value path: type: string example: example_value return_to_service_after: type: integer example: 10 samples: format: int64 type: integer example: 10 threshold_percent: type: number example: 42.5 type: object ClientCertificates: properties: allowlist: items: type: string nullable: true type: array example: [] enabled: type: boolean example: true type: object ClientToPolicy: properties: clientId: type: string example: '500123' policyId: type: string example: '500123' type: object ContextVariables: properties: enabled: type: boolean example: true type: object CustomPlugin: properties: enabled: type: boolean example: true functionName: type: string example: example_value path: type: string example: example_value rawBodyOnly: type: boolean example: true requireSession: type: boolean example: true type: object CustomPluginAuthentication: properties: AuthSources: $ref: '#/components/schemas/AuthSources' config: $ref: '#/components/schemas/AuthenticationPlugin' enabled: type: boolean example: true type: object CustomPlugins: items: $ref: '#/components/schemas/CustomPlugin' type: array DatasourceMappingConfiguration: properties: disabled: type: boolean example: true path: type: string example: example_value type: object DatasourceSourceConfig: properties: data_source_config: example: example_value kind: type: string example: example_value type: object DatasourceTypeFieldConfiguration: properties: data_source: $ref: '#/components/schemas/DatasourceSourceConfig' field_name: type: string example: example_value mapping: $ref: '#/components/schemas/DatasourceMappingConfiguration' type_name: type: string example: example_value type: object DetailedActivityLogs: properties: enabled: type: boolean example: true type: object DetailedTracing: properties: enabled: type: boolean example: true type: object Domain: properties: certificates: items: type: string type: array example: [] enabled: type: boolean example: true name: type: string example: Example Title type: object DomainToCertificate: properties: certificate: type: string example: example_value domain: type: string example: example_value type: object EndPointMeta: properties: disabled: type: boolean example: true ignore_case: type: boolean example: true method: type: string example: example_value method_actions: additionalProperties: $ref: '#/components/schemas/EndpointMethodMeta' type: object example: example_value path: type: string example: example_value type: object Endpoint: properties: methods: $ref: '#/components/schemas/EndpointMethods' path: type: string example: example_value type: object EndpointMethod: properties: limit: $ref: '#/components/schemas/RateLimitType2' name: type: string example: Example Title type: object EndpointMethodMeta: properties: action: enum: - no_action - reply type: string example: no_action code: type: integer example: 10 data: type: string example: example_value headers: additionalProperties: type: string nullable: true type: object example: example_value type: object EndpointMethods: items: $ref: '#/components/schemas/EndpointMethod' type: array EndpointPostPlugin: properties: enabled: type: boolean example: true functionName: type: string example: example_value name: type: string example: Example Title path: type: string example: example_value type: object EndpointPostPlugins: items: $ref: '#/components/schemas/EndpointPostPlugin' type: array Endpoints: items: $ref: '#/components/schemas/Endpoint' type: array EnforceTimeout: properties: enabled: type: boolean example: true value: type: integer example: 10 type: object EventHandler: properties: enabled: type: boolean example: true id: type: string example: abc123 name: type: string example: Example Title trigger: type: string example: example_value type: type: string example: example_value type: object EventHandlerMetaConfig: properties: events: additionalProperties: items: $ref: '#/components/schemas/EventHandlerTriggerConfig' type: array nullable: true type: object example: example_value type: object EventHandlerTriggerConfig: properties: handler_meta: additionalProperties: {} nullable: true type: object example: example_value handler_name: type: string example: example_value type: object EventHandlers: items: $ref: '#/components/schemas/EventHandler' type: array ExtendedPathsSet: properties: advance_cache_config: items: $ref: '#/components/schemas/CacheMeta' type: array example: [] black_list: items: $ref: '#/components/schemas/EndPointMeta' type: array example: [] cache: items: type: string type: array example: [] circuit_breakers: items: $ref: '#/components/schemas/CircuitBreakerMeta' type: array example: [] do_not_track_endpoints: items: $ref: '#/components/schemas/TrackEndpointMeta' type: array example: [] go_plugin: items: $ref: '#/components/schemas/GoPluginMeta' type: array example: [] hard_timeouts: items: $ref: '#/components/schemas/HardTimeoutMeta' type: array example: [] ignored: items: $ref: '#/components/schemas/EndPointMeta' type: array example: [] internal: items: $ref: '#/components/schemas/InternalMeta' type: array example: [] method_transforms: items: $ref: '#/components/schemas/MethodTransformMeta' type: array example: [] mock_response: items: $ref: '#/components/schemas/MockResponseMeta' type: array example: [] persist_graphql: items: $ref: '#/components/schemas/PersistGraphQLMeta' nullable: true type: array example: [] rate_limit: items: $ref: '#/components/schemas/RateLimitMeta' nullable: true type: array example: [] size_limits: items: $ref: '#/components/schemas/RequestSizeMeta' type: array example: [] track_endpoints: items: $ref: '#/components/schemas/TrackEndpointMeta' type: array example: [] transform: items: $ref: '#/components/schemas/TemplateMeta' type: array example: [] transform_headers: items: $ref: '#/components/schemas/HeaderInjectionMeta' type: array example: [] transform_jq: items: $ref: '#/components/schemas/TransformJQMeta' type: array example: [] transform_jq_response: items: $ref: '#/components/schemas/TransformJQMeta' type: array example: [] transform_response: items: $ref: '#/components/schemas/TemplateMeta' type: array example: [] transform_response_headers: items: $ref: '#/components/schemas/HeaderInjectionMeta' type: array example: [] url_rewrites: items: $ref: '#/components/schemas/URLRewriteMeta' type: array example: https://www.example.com validate_json: items: $ref: '#/components/schemas/ValidatePathMeta' type: array example: [] validate_request: items: $ref: '#/components/schemas/ValidateRequestMeta' type: array example: [] virtual: items: $ref: '#/components/schemas/VirtualMeta' type: array example: [] white_list: items: $ref: '#/components/schemas/EndPointMeta' type: array example: [] type: object ExternalOAuth: properties: enabled: type: boolean example: true providers: items: $ref: '#/components/schemas/Provider' nullable: true type: array example: [] type: object FieldAccessDefinition: properties: field_name: type: string example: example_value limits: $ref: '#/components/schemas/FieldLimits' type_name: type: string example: example_value type: object FieldLimits: properties: max_query_depth: type: integer example: 10 type: object FromOASExamples: properties: code: type: integer example: 10 contentType: type: string example: example_value enabled: type: boolean example: true exampleName: type: string example: example_value type: object GatewayTags: properties: enabled: type: boolean example: true tags: items: type: string nullable: true type: array example: [] type: object Global: properties: cache: $ref: '#/components/schemas/Cache' contextVariables: $ref: '#/components/schemas/ContextVariables' cors: $ref: '#/components/schemas/CORS' pluginConfig: $ref: '#/components/schemas/PluginConfig' postAuthenticationPlugin: $ref: '#/components/schemas/PostAuthenticationPlugin' postAuthenticationPlugins: $ref: '#/components/schemas/CustomPlugins' postPlugin: $ref: '#/components/schemas/PostPlugin' postPlugins: $ref: '#/components/schemas/CustomPlugins' prePlugin: $ref: '#/components/schemas/PrePlugin' prePlugins: $ref: '#/components/schemas/CustomPlugins' responsePlugin: $ref: '#/components/schemas/ResponsePlugin' responsePlugins: $ref: '#/components/schemas/CustomPlugins' trafficLogs: $ref: '#/components/schemas/TrafficLogs' transformRequestHeaders: $ref: '#/components/schemas/TransformHeaders' transformResponseHeaders: $ref: '#/components/schemas/TransformHeaders' type: object GlobalRateLimit: properties: disabled: type: boolean example: true per: type: number example: 42.5 rate: type: number example: 42.5 type: object GoPluginMeta: properties: disabled: type: boolean example: true func_name: type: string example: example_value method: type: string example: example_value path: type: string example: example_value plugin_path: type: string example: example_value type: object GraphAccessDefinition: type: object GraphQLConfig: properties: enabled: type: boolean example: true engine: $ref: '#/components/schemas/GraphQLEngineConfig' execution_mode: enum: - proxyOnly - executionEngine - subgraph - supergraph type: string example: proxyOnly introspection: $ref: '#/components/schemas/GraphQLIntrospectionConfig' last_schema_update: format: date-time nullable: true type: string example: '2026-01-15T10:30:00Z' playground: $ref: '#/components/schemas/GraphQLPlayground' proxy: $ref: '#/components/schemas/GraphQLProxyConfig' schema: type: string example: example_value subgraph: $ref: '#/components/schemas/GraphQLSubgraphConfig' supergraph: $ref: '#/components/schemas/GraphQLSupergraphConfig' type_field_configurations: items: $ref: '#/components/schemas/DatasourceTypeFieldConfiguration' nullable: true type: array example: [] version: enum: - '''' - '1' - '2' type: string example: '''' type: object GraphQLEngineConfig: properties: data_sources: items: $ref: '#/components/schemas/GraphQLEngineDataSource' nullable: true type: array example: [] field_configs: items: $ref: '#/components/schemas/GraphQLFieldConfig' nullable: true type: array example: [] global_headers: items: $ref: '#/components/schemas/UDGGlobalHeader' nullable: true type: array example: [] type: object GraphQLEngineDataSource: properties: config: example: example_value internal: type: boolean example: true kind: type: string example: example_value name: type: string example: Example Title root_fields: items: $ref: '#/components/schemas/GraphQLTypeFields' nullable: true type: array example: [] type: object GraphQLFieldConfig: properties: disable_default_mapping: type: boolean example: true field_name: type: string example: example_value path: items: type: string nullable: true type: array example: [] type_name: type: string example: example_value type: object GraphQLIntrospectionConfig: properties: disabled: type: boolean example: true type: object GraphQLPlayground: properties: enabled: type: boolean example: true path: type: string example: example_value type: object GraphQLProxyConfig: properties: auth_headers: additionalProperties: type: string nullable: true type: object example: example_value features: $ref: '#/components/schemas/GraphQLProxyFeaturesConfig' request_headers: additionalProperties: type: string nullable: true type: object example: example_value request_headers_rewrite: additionalProperties: $ref: '#/components/schemas/RequestHeadersRewriteConfig' nullable: true type: object example: example_value subscription_type: type: string example: example_value use_response_extensions: $ref: '#/components/schemas/GraphQLResponseExtensions' type: object GraphQLProxyFeaturesConfig: properties: use_immutable_headers: type: boolean example: true type: object GraphQLResponseExtensions: properties: on_error_forwarding: type: boolean example: true type: object GraphQLSubgraphConfig: properties: sdl: type: string example: example_value type: object GraphQLSubgraphEntity: properties: api_id: type: string example: '500123' headers: additionalProperties: type: string nullable: true type: object example: example_value name: type: string example: Example Title sdl: type: string example: example_value subscription_type: type: string example: example_value url: type: string example: https://www.example.com type: object GraphQLSupergraphConfig: properties: disable_query_batching: type: boolean example: true global_headers: additionalProperties: type: string nullable: true type: object example: example_value merged_sdl: type: string example: example_value subgraphs: items: $ref: '#/components/schemas/GraphQLSubgraphEntity' nullable: true type: array example: [] updated_at: format: date-time nullable: true type: string example: '2026-01-15T10:30:00Z' type: object GraphQLTypeFields: properties: fields: items: type: string nullable: true type: array example: [] type: type: string example: example_value type: object GraphqlType: properties: fields: items: type: string nullable: true type: array example: [] name: type: string example: Example Title type: object HMAC: properties: AuthSources: $ref: '#/components/schemas/AuthSources' allowedAlgorithms: items: type: string type: array example: [] allowedClockSkew: type: number example: 42.5 enabled: type: boolean example: true type: object HardTimeoutMeta: properties: disabled: type: boolean example: true method: type: string example: example_value path: type: string example: example_value timeout: type: integer example: 10 type: object Header: properties: name: type: string example: Example Title value: type: string example: example_value type: object HeaderInjectionMeta: properties: act_on: type: boolean example: true add_headers: additionalProperties: type: string nullable: true type: object example: example_value delete_headers: items: type: string nullable: true type: array example: [] disabled: type: boolean example: true method: type: string example: example_value path: type: string example: example_value type: object Headers: items: $ref: '#/components/schemas/Header' type: array HealthCheckItem: properties: componentId: type: string example: '500123' componentType: type: string example: example_value output: type: string example: example_value status: enum: - pass - fail - warn type: string example: pass time: type: string example: example_value type: object HealthCheckResponse: properties: description: type: string example: A sample description. details: additionalProperties: $ref: '#/components/schemas/HealthCheckItem' type: object example: example_value output: type: string example: example_value status: enum: - pass - fail - warn type: string example: pass version: type: string example: example_value type: object HostCheckObject: properties: body: type: string example: example_value commands: items: $ref: '#/components/schemas/CheckCommand' nullable: true type: array example: [] enable_proxy_protocol: type: boolean example: true headers: additionalProperties: type: string nullable: true type: object example: example_value method: type: string example: example_value protocol: type: string example: example_value timeout: type: integer example: 10 url: type: string example: https://www.example.com type: object HttpHeader: additionalProperties: items: type: string type: array type: object IDExtractor: properties: config: $ref: '#/components/schemas/IDExtractorConfig' enabled: type: boolean example: true source: type: string example: example_value with: type: string example: example_value type: object IDExtractorConfig: properties: formParamName: type: string example: example_value headerName: type: string example: example_value regexp: type: string example: example_value regexpMatchIndex: type: integer example: 10 xPathExp: type: string example: example_value type: object Info: properties: dbId: type: string example: '500123' expiration: type: string example: example_value id: type: string example: abc123 name: type: string example: Example Title orgId: type: string example: '500123' state: $ref: '#/components/schemas/State' versioning: $ref: '#/components/schemas/Versioning' type: object Internal: properties: enabled: type: boolean example: true type: object InternalMeta: properties: disabled: type: boolean example: true method: type: string example: example_value path: type: string example: example_value type: object Introspection: properties: cache: $ref: '#/components/schemas/IntrospectionCache' client_id: type: string example: '500123' client_secret: type: string example: example_value enabled: type: boolean example: true identity_base_field: type: string example: example_value url: type: string example: https://www.example.com type: object IntrospectionCache: properties: enabled: type: boolean example: true timeout: format: int64 type: integer example: 10 type: object JWTData: properties: secret: type: string example: example_value type: object JWTValidation: properties: enabled: type: boolean example: true expires_at_validation_skew: minimum: 0 type: integer example: 10 identity_base_field: type: string example: example_value issued_at_validation_skew: minimum: 0 type: integer example: 10 not_before_validation_skew: minimum: 0 type: integer example: 10 signing_method: type: string example: example_value source: type: string example: example_value type: object ListenPath: properties: strip: type: boolean example: true value: type: string example: example_value type: object MethodTransformMeta: properties: disabled: type: boolean example: true method: type: string example: example_value path: type: string example: example_value to_method: type: string example: example_value type: object Middleware: properties: global: $ref: '#/components/schemas/Global' operations: $ref: '#/components/schemas/Operations' type: object MiddlewareDefinition: properties: disabled: type: boolean example: true name: example: PreMiddlewareFunction type: string path: type: string example: example_value raw_body_only: example: false type: boolean require_session: example: false type: boolean type: object MiddlewareIdExtractor: properties: disabled: type: boolean example: true extract_from: type: string example: example_value extract_with: type: string example: example_value extractor_config: additionalProperties: {} nullable: true type: object example: example_value type: object MiddlewareSection: properties: auth_check: $ref: '#/components/schemas/MiddlewareDefinition' driver: type: string example: example_value id_extractor: $ref: '#/components/schemas/MiddlewareIdExtractor' post: items: $ref: '#/components/schemas/MiddlewareDefinition' nullable: true type: array example: [] post_key_auth: items: $ref: '#/components/schemas/MiddlewareDefinition' nullable: true type: array example: [] pre: items: $ref: '#/components/schemas/MiddlewareDefinition' nullable: true type: array example: [] response: items: $ref: '#/components/schemas/MiddlewareDefinition' nullable: true type: array example: [] type: object MockResponse: properties: body: type: string example: example_value code: type: integer example: 10 enabled: type: boolean example: true fromOASExamples: $ref: '#/components/schemas/FromOASExamples' headers: $ref: '#/components/schemas/Headers' type: object MockResponseMeta: properties: body: type: string example: example_value code: type: integer example: 10 disabled: type: boolean example: true headers: additionalProperties: type: string nullable: true type: object example: example_value ignore_case: type: boolean example: true method: type: string example: example_value path: type: string example: example_value type: object Monitor: properties: trigger_limits: example: - 80 - 60 - 50 items: type: number nullable: true type: array type: object MutualTLS: properties: domainToCertificateMapping: items: $ref: '#/components/schemas/DomainToCertificate' nullable: true type: array example: [] enabled: type: boolean example: true type: object NewClientRequest: properties: api_id: example: keyless type: string client_id: example: 2a06b398c17f46908de3dffcb71ef87b type: string description: example: google client login type: string meta_data: additionalProperties: type: string nullable: true type: object example: example_value policy_id: type: string example: '500123' redirect_uri: example: https://httpbin.org/ip type: string secret: example: MmQwNTI5NGQtYjU0YS00NjMyLWIwZjktNTZjY2M1ZjhjYWY0 type: string type: object NotificationsManager: properties: oauth_on_keychange_url: type: string example: https://www.example.com shared_secret: type: string example: example_value type: object OASSchemaResponse: properties: message: type: string example: example_value schema: example: example_value status: type: string example: example_value type: object OAuthClientToken: properties: code: type: string example: example_value expires: type: integer example: 10 type: object OIDC: properties: AuthSources: $ref: '#/components/schemas/AuthSources' enabled: type: boolean example: true providers: items: $ref: '#/components/schemas/ProviderType2' type: array example: [] scopes: $ref: '#/components/schemas/ScopesType2' segregateByClientId: type: boolean example: '500123' type: object OIDProviderConfig: properties: client_ids: additionalProperties: type: string nullable: true type: object example: example_value issuer: type: string example: example_value type: object OpenIDOptions: properties: providers: items: $ref: '#/components/schemas/OIDProviderConfig' nullable: true type: array example: [] segregate_by_client: type: boolean example: true type: object Operation: properties: allow: $ref: '#/components/schemas/Allowance' block: $ref: '#/components/schemas/Allowance' cache: $ref: '#/components/schemas/CachePlugin' circuitBreaker: $ref: '#/components/schemas/CircuitBreaker' doNotTrackEndpoint: $ref: '#/components/schemas/TrackEndpoint' enforceTimeout: $ref: '#/components/schemas/EnforceTimeout' ignoreAuthentication: $ref: '#/components/schemas/Allowance' internal: $ref: '#/components/schemas/Internal' mockResponse: $ref: '#/components/schemas/MockResponse' postPlugins: $ref: '#/components/schemas/EndpointPostPlugins' rateLimit: $ref: '#/components/schemas/RateLimitEndpoint' requestSizeLimit: $ref: '#/components/schemas/RequestSizeLimit' trackEndpoint: $ref: '#/components/schemas/TrackEndpoint' transformRequestBody: $ref: '#/components/schemas/TransformBody' transformRequestHeaders: $ref: '#/components/schemas/TransformHeaders' transformRequestMethod: $ref: '#/components/schemas/TransformRequestMethod' transformResponseBody: $ref: '#/components/schemas/TransformBody' transformResponseHeaders: $ref: '#/components/schemas/TransformHeaders' urlRewrite: $ref: '#/components/schemas/URLRewrite' validateRequest: $ref: '#/components/schemas/ValidateRequest' virtualEndpoint: $ref: '#/components/schemas/VirtualEndpoint' type: object Operations: additionalProperties: $ref: '#/components/schemas/Operation' type: object PaginatedOAuthClientTokens: properties: Pagination: $ref: '#/components/schemas/PaginationStatus' Tokens: items: $ref: '#/components/schemas/OAuthClientToken' nullable: true type: array example: [] type: object PaginationStatus: properties: page_num: type: integer example: 10 page_size: type: integer example: 10 page_total: type: integer example: 10 type: object PersistGraphQLMeta: properties: method: type: string example: example_value operation: type: string example: example_value path: type: string example: example_value variables: additionalProperties: {} nullable: true type: object example: example_value type: object PinnedPublicKey: properties: domain: type: string example: example_value publicKeys: items: type: string nullable: true type: array example: [] type: object PinnedPublicKeys: items: $ref: '#/components/schemas/PinnedPublicKey' nullable: true type: array PkixName: type: object PluginBundle: properties: enabled: type: boolean example: true path: type: string example: example_value type: object PluginConfig: properties: bundle: $ref: '#/components/schemas/PluginBundle' data: $ref: '#/components/schemas/PluginConfigData' driver: type: string example: example_value type: object PluginConfigData: properties: enabled: type: boolean example: true value: additionalProperties: {} nullable: true type: object example: example_value type: object Policy: properties: _id: example: 5ead7120575961000181867e type: string access_rights: additionalProperties: $ref: '#/components/schemas/AccessDefinition' nullable: true type: object example: example_value active: example: true type: boolean enable_http_signature_validation: example: false type: boolean graphql_access_rights: additionalProperties: $ref: '#/components/schemas/GraphAccessDefinition' nullable: true type: object example: example_value hmac_enabled: example: false type: boolean id: example: 5ead7120575961000181867e type: string is_inactive: example: false type: boolean key_expires_in: example: 0 format: int64 type: integer last_updated: example: '1655965189' type: string max_query_depth: example: -1 type: integer meta_data: additionalProperties: {} nullable: true type: object example: example_value name: example: Swagger Petstore Policy type: string org_id: example: 5e9d9544a1dcd60001d0ed20 type: string partitions: $ref: '#/components/schemas/PolicyPartitions' per: example: 60 format: double type: number quota_max: example: -1 format: int64 type: integer quota_renewal_rate: example: 3600 format: int64 type: integer rate: example: 1000 format: double type: number smoothing: $ref: '#/components/schemas/RateLimitSmoothing' tags: items: type: string nullable: true type: array example: [] throttle_interval: example: -1 format: double type: number throttle_retry_limit: example: -1 type: integer type: object PolicyPartitions: properties: acl: example: true type: boolean complexity: example: false type: boolean per_api: example: false type: boolean quota: example: true type: boolean rate_limit: example: true type: boolean type: object PolicyUpdateObj: properties: apply_policies: items: type: string nullable: true type: array example: [] policy: type: string example: example_value type: object PostAuthenticationPlugin: properties: plugins: $ref: '#/components/schemas/CustomPlugins' type: object PostPlugin: properties: plugins: $ref: '#/components/schemas/CustomPlugins' type: object PrePlugin: properties: plugins: $ref: '#/components/schemas/CustomPlugins' type: object Provider: properties: introspection: $ref: '#/components/schemas/Introspection' jwt: $ref: '#/components/schemas/JWTValidation' type: object ProviderType2: properties: clientToPolicyMapping: items: $ref: '#/components/schemas/ClientToPolicy' type: array example: [] issuer: type: string example: example_value type: object ProxyConfig: properties: check_host_against_uptime_tests: type: boolean example: true disable_strip_slash: type: boolean example: true enable_load_balancing: type: boolean example: true listen_path: example: /relative-path-examples/ type: string preserve_host_header: type: boolean example: true service_discovery: $ref: '#/components/schemas/ServiceDiscoveryConfiguration' strip_listen_path: example: true type: boolean target_list: items: type: string nullable: true type: array example: [] target_url: example: https://httpbin.org/ type: string transport: properties: proxy_url: type: string ssl_ciphers: items: type: string nullable: true type: array ssl_force_common_name_check: type: boolean ssl_insecure_skip_verify: type: boolean ssl_max_version: minimum: 0 type: integer ssl_min_version: minimum: 0 type: integer type: object example: example_value type: object RateLimit: properties: enabled: type: boolean example: true per: type: integer example: 10 rate: type: integer example: 10 type: object RateLimitEndpoint: properties: enabled: type: boolean example: true per: type: integer example: 10 rate: type: integer example: 10 type: object RateLimitMeta: properties: disabled: type: boolean example: true method: type: string example: example_value path: type: string example: example_value per: type: number example: 42.5 rate: type: number example: 42.5 type: object RateLimitSmoothing: properties: delay: type: integer example: 10 enabled: type: boolean example: true step: type: integer example: 10 threshold: type: integer example: 10 trigger: type: number example: 42.5 type: object RateLimitType2: properties: per: type: number example: 42.5 rate: type: number example: 42.5 smoothing: $ref: '#/components/schemas/RateLimitSmoothing' type: object RequestHeadersRewriteConfig: properties: remove: type: boolean example: true value: type: string example: example_value type: object RequestSigningMeta: properties: algorithm: type: string example: example_value certificate_id: type: string example: '500123' header_list: items: type: string nullable: true type: array example: [] is_enabled: type: boolean example: true key_id: type: string example: '500123' secret: type: string example: example_value signature_header: type: string example: example_value type: object RequestSizeLimit: properties: enabled: type: boolean example: true value: type: integer example: 10 type: object RequestSizeMeta: properties: disabled: type: boolean example: true method: type: string example: example_value path: type: string example: example_value size_limit: format: int64 type: integer example: 10 type: object ResponsePlugin: properties: plugins: $ref: '#/components/schemas/CustomPlugins' type: object ResponseProcessor: properties: name: type: string example: Example Title options: example: example_value type: object RoutingTrigger: properties: 'on': enum: - all - any type: string example: all options: $ref: '#/components/schemas/RoutingTriggerOptions' rewrite_to: type: string example: example_value type: object RoutingTriggerOptions: properties: header_matches: additionalProperties: $ref: '#/components/schemas/StringRegexMap' nullable: true type: object example: example_value path_part_matches: additionalProperties: $ref: '#/components/schemas/StringRegexMap' nullable: true type: object example: example_value payload_matches: $ref: '#/components/schemas/StringRegexMap' query_val_matches: additionalProperties: $ref: '#/components/schemas/StringRegexMap' nullable: true type: object example: example_value request_context_matches: additionalProperties: $ref: '#/components/schemas/StringRegexMap' nullable: true type: object example: example_value session_meta_matches: additionalProperties: $ref: '#/components/schemas/StringRegexMap' nullable: true type: object example: example_value type: object ScopeClaim: properties: scope_claim_name: type: string example: example_value scope_to_policy: additionalProperties: type: string type: object example: example_value type: object ScopeToPolicy: properties: policyId: type: string example: '500123' scope: type: string example: example_value type: object Scopes: properties: jwt: $ref: '#/components/schemas/ScopeClaim' oidc: $ref: '#/components/schemas/ScopeClaim' type: object ScopesType2: properties: claimName: type: string example: example_value scopeToPolicyMapping: items: $ref: '#/components/schemas/ScopeToPolicy' type: array example: [] type: object SecuritySchemes: additionalProperties: {} type: object Server: properties: authentication: $ref: '#/components/schemas/Authentication' clientCertificates: $ref: '#/components/schemas/ClientCertificates' customDomain: $ref: '#/components/schemas/Domain' detailedActivityLogs: $ref: '#/components/schemas/DetailedActivityLogs' detailedTracing: $ref: '#/components/schemas/DetailedTracing' eventHandlers: $ref: '#/components/schemas/EventHandlers' gatewayTags: $ref: '#/components/schemas/GatewayTags' listenPath: $ref: '#/components/schemas/ListenPath' type: object ServiceDiscovery: properties: cache: $ref: '#/components/schemas/ServiceDiscoveryCache' cacheTimeout: type: integer example: 10 dataPath: type: string example: example_value enabled: type: boolean example: true endpointReturnsList: type: boolean example: true parentDataPath: type: string example: example_value portDataPath: type: string example: example_value queryEndpoint: type: string example: example_value targetPath: type: string example: example_value useNestedQuery: type: boolean example: true useTargetList: type: boolean example: true type: object ServiceDiscoveryCache: properties: enabled: type: boolean example: true timeout: type: integer example: 10 type: object ServiceDiscoveryConfiguration: properties: cache_disabled: type: boolean example: true cache_timeout: type: integer example: 10 data_path: type: string example: example_value endpoint_returns_list: type: boolean example: true parent_data_path: type: string example: example_value port_data_path: type: string example: example_value query_endpoint: type: string example: example_value target_path: type: string example: example_value use_discovery_service: type: boolean example: true use_nested_query: type: boolean example: true use_target_list: type: boolean example: true type: object SessionProviderMeta: properties: meta: additionalProperties: {} nullable: true type: object example: example_value name: type: string example: Example Title storage_engine: type: string example: example_value type: object SessionState: properties: access_rights: additionalProperties: $ref: '#/components/schemas/AccessDefinition' nullable: true type: object example: example_value alias: example: portal-developer@example.org type: string allowance: example: 1000 format: double type: number apply_policies: example: - 641c15dd0fffb800010197bf items: type: string nullable: true type: array apply_policy_id: deprecated: true description: >- deprecated use apply_policies going forward instead to send a list of policies ids example: 641c15dd0fffb800010197bf type: string basic_auth_data: $ref: '#/components/schemas/BasicAuthData' certificate: type: string example: example_value data_expires: example: 0 format: int64 type: integer date_created: example: '2024-03-13T03:56:46.568042549Z' format: date-time type: string enable_detail_recording: deprecated: true description: deprecated use enable_detailed_recording going forward instead example: false type: boolean enable_detailed_recording: example: true type: boolean enable_http_signature_validation: example: false type: boolean expires: example: 1712895619 format: int64 type: integer hmac_enabled: example: false type: boolean hmac_string: type: string example: example_value id_extractor_deadline: format: int64 type: integer example: 10 is_inactive: example: false type: boolean jwt_data: $ref: '#/components/schemas/JWTData' last_check: example: 0 format: int64 type: integer last_updated: example: '1710302206' type: string max_query_depth: example: -1 type: integer meta_data: additionalProperties: {} example: tyk_developer_id: 62b3fb9a1d5e4f00017226f5 nullable: true type: object monitor: $ref: '#/components/schemas/Monitor' oauth_client_id: type: string example: '500123' oauth_keys: additionalProperties: type: string nullable: true type: object example: example_value org_id: example: 5e9d9544a1dcd60001d0ed20 type: string per: example: 5 format: double type: number quota_max: example: 20000 format: int64 type: integer quota_remaining: example: 20000 format: int64 type: integer quota_renewal_rate: example: 31556952 format: int64 type: integer quota_renews: example: 1710302205 format: int64 type: integer rate: example: 1 format: double type: number rsa_certificate_id: type: string example: '500123' session_lifetime: example: 0 format: int64 type: integer smoothing: $ref: '#/components/schemas/RateLimitSmoothing' tags: example: - edge - edge-eu items: type: string nullable: true type: array throttle_interval: example: 10 format: double type: number throttle_retry_limit: example: 1000 type: integer type: object SignatureConfig: properties: algorithm: type: string example: example_value allowed_clock_skew: type: integer example: 10 error_code: type: integer example: 10 error_message: type: string example: example_value header: type: string example: example_value param_name: type: string example: example_value secret: type: string example: example_value use_param: type: boolean example: true type: object State: properties: active: type: boolean example: true internal: type: boolean example: true type: object StringRegexMap: properties: match_rx: type: string example: example_value reverse: type: boolean example: true type: object TemplateData: properties: enable_session: type: boolean example: true input_type: enum: - json - xml type: string example: json template_mode: enum: - blob - file type: string example: blob template_source: type: string example: example_value type: object TemplateMeta: properties: disabled: type: boolean example: true method: type: string example: example_value path: type: string example: example_value template_data: $ref: '#/components/schemas/TemplateData' type: object Test: properties: serviceDiscovery: $ref: '#/components/schemas/ServiceDiscovery' type: object TraceHttpRequest: properties: body: type: string example: example_value headers: $ref: '#/components/schemas/HttpHeader' method: example: GET type: string path: example: /keyless-test/ type: string type: object TraceRequest: properties: request: $ref: '#/components/schemas/TraceHttpRequest' spec: $ref: '#/components/schemas/APIDefinition' type: object TraceResponse: properties: logs: example: >- {"level":"warning","msg":"Legacy path detected! Upgrade to extended.... type: string message: example: ok type: string response: example: "====== Request ======\nGET / HTTP/1.1\r\nHost: httpbin.org\r\n\r\n\n====== Response..." type: string type: object TrackEndpoint: properties: enabled: type: boolean example: true type: object TrackEndpointMeta: properties: disabled: type: boolean example: true method: type: string example: example_value path: type: string example: example_value type: object TrafficLogs: properties: enabled: type: boolean example: true type: object TransformBody: properties: body: type: string example: example_value enabled: type: boolean example: true format: type: string example: example_value path: type: string example: example_value type: object TransformHeaders: properties: add: $ref: '#/components/schemas/Headers' enabled: type: boolean example: true remove: items: type: string type: array example: [] type: object TransformJQMeta: properties: filter: type: string example: example_value method: type: string example: example_value path: type: string example: example_value type: object TransformRequestMethod: properties: enabled: type: boolean example: true toMethod: type: string example: example_value type: object UDGGlobalHeader: properties: key: type: string example: example_value value: type: string example: example_value type: object URLRewrite: properties: enabled: type: boolean example: true pattern: type: string example: example_value rewriteTo: type: string example: example_value triggers: items: $ref: '#/components/schemas/URLRewriteTrigger' type: array example: [] type: object URLRewriteMeta: properties: disabled: type: boolean example: true match_pattern: type: string example: example_value method: type: string example: example_value path: type: string example: example_value rewrite_to: type: string example: example_value triggers: items: $ref: '#/components/schemas/RoutingTrigger' nullable: true type: array example: [] type: object URLRewriteRule: properties: in: type: string example: example_value name: type: string example: Example Title negate: type: boolean example: true pattern: type: string example: example_value type: object URLRewriteTrigger: properties: condition: type: string example: example_value rewriteTo: type: string example: example_value rules: items: $ref: '#/components/schemas/URLRewriteRule' type: array example: [] type: object Upstream: properties: certificatePinning: $ref: '#/components/schemas/CertificatePinning' mutualTLS: $ref: '#/components/schemas/MutualTLS' rateLimit: $ref: '#/components/schemas/RateLimit' serviceDiscovery: $ref: '#/components/schemas/ServiceDiscovery' test: $ref: '#/components/schemas/Test' url: type: string example: https://www.example.com type: object UptimeTests: properties: check_list: items: $ref: '#/components/schemas/HostCheckObject' nullable: true type: array example: [] config: $ref: '#/components/schemas/UptimeTestsConfig' type: object UptimeTestsConfig: properties: expire_utime_after: type: integer example: 10 recheck_wait: type: integer example: 10 service_discovery: $ref: '#/components/schemas/ServiceDiscoveryConfiguration' type: object ValidatePathMeta: properties: disabled: type: boolean example: true error_response_code: type: integer example: 10 method: type: string example: example_value path: type: string example: example_value schema: additionalProperties: {} nullable: true type: object example: example_value schema_b64: type: string example: example_value type: object ValidateRequest: properties: enabled: type: boolean example: true errorResponseCode: type: integer example: 10 type: object ValidateRequestMeta: properties: enabled: type: boolean example: true error_response_code: type: integer example: 10 method: type: string example: example_value path: type: string example: example_value type: object VersionData: properties: default_version: type: string example: example_value not_versioned: type: boolean example: true versions: additionalProperties: $ref: '#/components/schemas/VersionInfo' nullable: true type: object example: example_value type: object VersionDefinition: properties: default: type: string example: example_value enabled: type: boolean example: true fallback_to_default: type: boolean example: true key: example: x-api-version type: string location: example: header type: string name: type: string example: Example Title strip_path: type: boolean example: true strip_versioning_data: type: boolean example: true url_versioning_pattern: type: string example: https://www.example.com versions: additionalProperties: type: string nullable: true type: object example: example_value type: object VersionInfo: properties: expires: type: string example: example_value extended_paths: $ref: '#/components/schemas/ExtendedPathsSet' global_headers: additionalProperties: type: string nullable: true type: object example: example_value global_headers_disabled: type: boolean example: true global_headers_remove: items: type: string nullable: true type: array example: [] global_response_headers: additionalProperties: type: string nullable: true type: object example: example_value global_response_headers_disabled: type: boolean example: true global_response_headers_remove: items: type: string nullable: true type: array example: [] global_size_limit: format: int64 type: integer example: 10 ignore_endpoint_case: type: boolean example: true name: type: string example: Example Title override_target: type: string example: example_value paths: properties: black_list: items: type: string nullable: true type: array ignored: items: type: string nullable: true type: array white_list: items: type: string nullable: true type: array type: object example: example_value use_extended_paths: example: true type: boolean type: object VersionMeta: properties: expirationDate: example: 2026-03-26 09:00 type: string id: example: keyless type: string internal: example: false type: boolean isDefaultVersion: example: true type: boolean name: example: Tyk Test Keyless API type: string versionName: example: v2 type: string type: object VersionMetas: properties: apis: items: $ref: '#/components/schemas/VersionMeta' nullable: true type: array example: [] status: example: success type: string type: object VersionToID: properties: id: type: string example: abc123 name: type: string example: Example Title type: object Versioning: properties: default: type: string example: example_value enabled: type: boolean example: true fallbackToDefault: type: boolean example: true key: type: string example: example_value location: type: string example: example_value name: type: string example: Example Title stripVersioningData: type: boolean example: true urlVersioningPattern: type: string example: https://www.example.com versions: items: $ref: '#/components/schemas/VersionToID' nullable: true type: array example: [] type: object VirtualEndpoint: properties: body: type: string example: example_value enabled: type: boolean example: true functionName: type: string example: example_value name: type: string example: Example Title path: type: string example: example_value proxyOnError: type: boolean example: true requireSession: type: boolean example: true type: object VirtualMeta: properties: disabled: type: boolean example: true function_source_type: enum: - blob - file type: string example: blob function_source_uri: type: string example: example_value method: type: string example: example_value path: type: string example: example_value proxy_on_error: type: boolean example: true response_function_name: type: string example: example_value use_session: type: boolean example: true type: object XTykAPIGateway: properties: info: $ref: '#/components/schemas/Info' middleware: $ref: '#/components/schemas/Middleware' server: $ref: '#/components/schemas/Server' upstream: $ref: '#/components/schemas/Upstream' type: object securitySchemes: api_key: description: Api key in: header name: X-Tyk-Authorization type: apiKey