Tyk 2.6: Taking your API Management to the next level
Ready to unlock API achievement with Tyk 2.6? Our latest version has landed, and it’s the most-anticipated release since, well, Tyk 2.5.
2.5 was a humongous, roaring Godzilla of a release for us, seeing a complete refresh of the Dashboard interface that 2.6 continues to build on, along with the arrival of Mutual TLS.
Fine-tuning our interface is always about special UX over special FX, so you’ll see many of 2.6’s updates continue our efforts to make your API management easier, whether it’s providing key hashing support or categories for your APIs.
We’ve also used version 2.6 to slip in a few bonus levels for you in the shape of some special features, in line with our roadmap and your requests. JSON schema validation and Redis TLS Support are just two of these bonus levels.
Need the full API cheat codes before we let you loose in the arcade? Read on for the 2.6 highlights here, and via the full 2.6 release notes
No coins detected…? Whether you’re on the free version of our API Management Platform or our turbo-boosted multi-data-centre Enterprise edition, these changes are for everyone, and all Gateway features and improvements are included in our open source API Gateway.
So what are you waiting for? Select your player and ready, set, go….
Catch them all: Tame your live APIs with categories
We know how it goes: one day you’re just playing around experimenting with APIs and, the next thing you know, you’ve got tens or hundreds of them to manage. We find they’re addictive like that.
Our latest version of Tyk introduces API categories to make managing your APIs much easier. With this functionality, you can attach multiple categories to an API definition, and then filter by these categories on the API list page.
They might refer to the API’s general focus: ‘weather’, ‘share prices’; geographic location ‘APAC’, ‘EMEA’; or technical markers ‘Dev’, ‘Test’. It’s completely up to you. Read about them here
Achievement unlocked: toggle between visual and raw API definitions
Some of you gave us feedback that you’d like to see all fields in the API definition exposed in the Dashboard UI. We experimented with this idea, but found that listing all the fields was too unwieldy: incomprehensible and hard to navigate. All in all, a bit of a mess…
We hate to leave you disappointed, though, so we think we’ve hit a compromise that works. We’ve now implemented the ability for you to view, and edit, the raw API definition right from the API Designer UI in the Dashboard. Simply toggle between the ‘visual’ and the ‘raw’ API definition to access both right from the Dashboard.
This also means you’ll be able to configure features that haven’t yet made it to the Dashboard UI via the API definition, and grab your raw API definition through an export function without having to expose it first. Read the raw deets here!
Game over for key hashing frustration, thanks to improved support
Pre 2.6, when key hashing was turned on, you could only get key information if you knew the original key. Though extremely secure, this only caused problems when debugging issues with developers’ keys.
To improve this we’ve introduced new key hashing support with an added option to list, lookup and delete a key by its hashed version. With this approach, you can grab all the current key state information you need based on the hashed key, as well as the original key.
This is ideal for when you know the hash of a key but would not be able to solve an issue without contacting the relevant developer for the full key. All in a way that brings efficiency without compromising security. Read about in here in the release notes
Do not pass go. Do not collect data: JSON Schema validation
You can now use Tyk to verify users’ requests against specified JSON schema and check that the data sent to your API by a consumer is in the right format. This means you can offload data validation from your application onto us.
If it’s not in the right format, then the request will be rejected. And even better, the response will be a meaningful error rather than just a ‘computer says no’. More info here
Player 2 has entered the game! Redis TLS support across all Tyk flavours
Many Redis hosting providers now support TLS and we’re pleased to confirm that we do too.
Whether it’s the open source API Gateway, or Dashboard, Pump, Sink and Tyk Identity Broker (TIB): you can now make secure connections to Redis from all Tyk products, as long as your provider allows it. Read more about it here
Open your OAuth APIs up to the world
For this latest release we’ve improved our developer portal APIs to fully support OAuth2.0 based workflow. Developers using your API will now be able to register OAuth clients and manage them.
If you are using custom developer portals, you can start using this new functionality right away. Full UI support for built-in portal will be shipped with our next 2.7 release. Read all about it here
Reach the top of the (security) leaderboard with certificate pinning
With Tyk 2.6 you can now improve security between Tyk and upstream by whitelisting public keys used to generate upstream certificates.
Having the ability to whitelist public keys means you can protect yourself in those cases where certificate authority, which generates upstream certificates, is compromised and all certificates issued by it no longer can be trusted. Read about it here
Make like Squirtle with JQ transformations
If you worked with JSON you probably know popular `jq` command line JSON processor.
Now you can use the full power of its queries and transformations, and transform requests, responses, headers and even context variables. Unfortunately, this doesn’t extend to Wartortle (yet). Check it out here
For the bonus round…
It wouldn’t be a Tyk release without more UX improvements for you all. Here’s just a flavour of some of the tweaks we’ve made to help make managing your APIs just that much easier.
You can now…
- Sort your APIs alphabetically and by created date in the API list. This is something lots of users have asked for. “Last updated date” will be coming in a future release.
- Approve/reject key requests right from the API list – now you don’t have to go into the key request to approve/reject it
- View key requests UI in 2 separate lists: Approved and Pending – now you can filter by just your pending requests, and your approved history is out of the way until you want it
- Quick copy to clipboard buttons for API URL, ID and Keys
- Clear button on search for to make it easier to get back to the default list
- Be notified that you might lose your work with an unsaved changes dialog. We’ve added an unsaved changes dialog in API Designer so you don’t lose any of your progress if you accidentally navigate away
- Add actions from dropdowns to the API list – we’ve freed up space in the table for more important data, and added the actions into a dropdown. This allows us to add more actions going forward, such as delete, export etc
- Set Catalogue settings for each individual API – now you can override the global catalogue settings and specify settings per catalogue
- And more.. View the 2.6 release notes for full details
And remember – (your feedback) points win prizes
Have you given us your feedback yet? Sign up to the Tyk Research Panel and start telling us your API hopes and dreams. Though we’re unable to dish out gold coins or extra lives, our rewards are still better than finding out Princess Peach is in another castle.
And why spend your free time getting to Level 50 mage in Skyrim when you could be battling bugs as part of our Tyk Cloud Beta Program? Request an invitation to be part of the bug bounty and get your hands on our latest pre-release version of Tyk Cloud in the process.
Get Tyk 2.6 and unlock the chaos emeralds
On Tyk cloud? You don’t have to do anything. The Gateway and Dashboard will be updated automatically.
Got Tyk Hybrid, or running On-Premises? The release is available right away via packages and Docker. Head over to the Upgrade Guide and follow the instructions.
Not using Tyk yet? What are you waiting for? Get started on Tyk now.