Tyk Open Source
Open source is at the heart of what we do. Anything that is API Gateway-related, lives in the Gateway, or is critical for the Gateway to work is open and freely available via our Github.
Our commitment to open source also delivers a host of benefits for our users: signup for free with Tyk, receive securely packaged open source packages, getting started guides, access to our community and all of the latest open source information.
To get started and test it out:
Please show your support for the Gateway by clicking the GitHub link, then adding your star. Star TykTechnologies/tyk
Tyk Open Source
The Tyk Team has created and maintains the following components, which are fully Open Source and available under Mozilla Public License 2.0 (MPL). Star the Tyk components you use by clicking the appropiate button:
- Tyk Gateway - Fully fledged API Gateway (Start here!) - Star TykTechnologies/tyk
- Tyk Pump - Ship out your API traffics to external systems - Star TykTechnologies/tyk-pump
- Tyk Operator - Manage your API Configurations in K8S CRDs - Star TykTechnologies/tyk-operator
- Tyk Identity Broker - Connect your third-party IdP systems - Star TykTechnologies/tyk-identity-broker
- Tyk Sync - Version control your API configurations - Star TykTechnologies/tyk-sync
MPL is a copyleft licence that is easy to comply with. You must make the source code for any of your changes available under MPL, but you can combine the MPL software with proprietary code, as long as you keep the MPL code in separate files. Version 2.0 is, by default, compatible with LGPL and GPL version 2 or greater. You can distribute binaries under a proprietary license, as long as you make the source available under MPL. This is just a brief overview of MPL, you should refer to the MPL licence in full and if you are in any doubt about how this licence impacts you, please contact us to discuss.
You can find additional FAQs regarding the MPL licence here.
Tyk Gateway
At the center of everything is the Tyk Gateway. The primary application for Open Source and paid users alike, the Tyk Open Source API Gateway does all the heavy lifting.
Tyk is an open source Enterprise API Gateway, supporting REST, GraphQL, TCP and gRPC protocols.
Tyk Gateway is provided ‘Batteries-included’, with no feature lockout. Enabling your organization to control who accesses your APIs, when they access, and how they access it.
Tyk Technologies uses the same API Gateway for all it’s applications. Protecting, securing, and processing APIs for thousands of organizations and businesses around the world. Ideal for Open Banking, building software in the clouds as well as exposing APIs to teams, partners & consumers.
Built from the ground up to be the fastest API gateway on the planet. It does not depend on a legacy proxy underneath. It has no 3rd party dependencies aside from Redis for distributed rate-limiting and token storage. Tyk Gateway can also be deployed as part of a larger Full Lifecycle API Management platform Tyk Self-Managed which also includes Management Control Plane, Dashboard GUI and Developer Portal.
Open Source API Gateway Features
Use any protocol: REST, SOAP, GraphQL, gRPC, and TCP.
Industry Standard Authentication: OIDC, JWT, bearer Tokens, Basic Auth, Client Certificates and more.
Open API Standards: Import your Swagger and OAS2/3 documents to scaffold APIs in Tyk.
Ultra performant: Low latency, and thousands of rps with just a single CPU, horizontally and vertically scalable.
Content mediation: Transform all the things, from request or response headers to converting between SOAP and GraphQL.
Extensible Plugin Architecture: Customize Tyk’s middleware chain by writing plugins in your language of choice - from Python to Javascript to Go, or any language which supports gRPC.
Rate Limiting & Quotas: Protect your upstreams from becoming overloaded and/or apply limits for each consumer.
API Versioning - API Versions can be easily set and deprecated at a specific time and date.
Granular Access Control - Grant access to one or more APIs on a per version and operation basis.
Blocklist/Allowlist/Ignored endpoint access - Enforce strict security models on a version-by-version basis to your access points.
Analytics logging - Record detailed usage data on who is using your API’s (raw data only)
CORS - Enable CORS for certain APIs so users can make browser-based requests
Webhooks - Trigger webhooks against events such as Quota Violations and Authentication failures
IP AllowListing - Block access to non-trusted IP addresses for more secure interactions
Hitless reloads - Tyk configurations can be altered dynamically and the service restarted without affecting any active request
Kubernetes native declarative API: using Open Source Tyk Operator (more info in OSS section)
And everything else you expect from a Cloud Native API Gateway
Get Started
To Get started, simply install Tyk Open Source, and then create your first API!