Tyk 5.11 has arrived, building on our enterprise security foundation with advanced authentication controls, improved certificate management, and enhanced observability. Time to empower your teams to scale their API programs efficiently and effectively!
With this release, we’re delivering the confidence your teams need in relation to security, operational control, visibility, performance, and stability. Everything that underpins a successful API program, scaling, and strategic business growth.
Strengthened security and authentication
Tyk 5.11 advances our security foundation with enhanced JWT authentication capabilities.
There’s now no need for a default policy when you use scope-to-policy mapping. We’ve also added support for nested claims (enabling more granular policy and subject identification) and a new Dashboard API endpoint so your admins can clear the JWKS cache across all connected Tyk Gateways.
This simplifies API configuration, reduces authentication downtime during credential rotations, and supports seamless integration with existing identity provider setups.
Enhanced certificate management
More proactive certificate management, with enhanced visibility, means you can avoid service disruptions resulting from expired certificates and easily plan certificate renewals across APIs. We’ve delivered this via certificate management enhancements, including dashboard visibility of certificates nearing expiry (or expired) and a certificate impact view that shows all dependent APIs.
Tyk 5.11 also supports you to deploy with confidence, knowing your client IPs are accurately identified. We’ve provided this using an RFC-compliant mTLS handshake using the issuer DN instead of the subject DN, along with IP spoofing protection through configurable depth selection in X-Forwarded-For headers.
Advanced operational control
Operational reliability and performance are both levelled up with Tyk 5.11. We’ve introduced the ability to temporarily remove targets from upstream load balancers, so you can maintain service availability during upstream maintenance and network changes. We’ve also improved Kubernetes scheduling controls so you can deploy with confidence and included background MDCB DNS monitoring for automatic connection healing. This lays the foundation for faster recovery and more stable connections in distributed setups.
Superior visibility
OTel trace propagation to custom gRPC plugins, trace ID inclusion in API traffic logs, and dedicated gateway latency metrics, alongside upstream measurements, deliver superior visibility. These enhancements mean you can monitor and optimize API response times, debug plugin performance issues with complete visibility, and link OTel traces with Tyk traffic logs for improved operational monitoring, turning technical enhancements into proven business impact.
Tyk 5.11 also supports enhanced API base path visibility in Dashboard UI and OpenAPI descriptions through dedicated URL entries for custom domains, distributed data planes and versioned access. The API Designer now displays the required versioning configuration (for headers and query parameters), and there are clear access instructions for each API version and deployment, reducing integration errors.
Not only can you now quickly identify the correct URL for any API deployment scenario, but the fact that the OpenAPI description now lists all URLs where an API can be accessed is great for your documentation. Excellent news if you’re keen to accelerate time-to-value for your API consumers.
Ugraded stability
As with every release, we’ve included important stability improvements and some bug fixes to ensure a more reliable and responsive API gateway experience for enterprise environments. Along with the enhancements above, these collectively strengthen Tyk’s position as the platform of choice for enterprise-scale API management with robust security, operational excellence, and developer productivity at its core.
You can dive into the Tyk Gateway release notes and Tyk Dashboard release notes to find out more.
Of course, the Tyk team is always here to help, so reach out with any questions!
