Getting Started
Deploy Tyk
Managing APIs
Security in Tyk
Reference
curl --request GET \
--url https://{tenant}/api/portal/policies/search \
--header 'Authorization: Bearer <token>'{
"Data": [
{
"_id": "363635373039383964393864643030303031646131376631",
"access_rights": {
"8ddd91f3cda9453442c477b06c4e2da4": {
"allowance_scope": "",
"allowed_types": [],
"allowed_urls": [
{
"methods": [
"GET"
],
"url": "/users"
}
],
"api_id": "8ddd91f3cda9453442c477b06c4e2da4",
"api_name": "Itachi API",
"disable_introspection": false,
"field_access_rights": [],
"limit": {
"max_query_depth": 0,
"per": 0,
"quota_max": 0,
"quota_remaining": 0,
"quota_renewal_rate": 0,
"quota_renews": 0,
"rate": 0,
"set_by_policy": false,
"smoothing": {
"delay": 30,
"enabled": false,
"step": 100,
"threshold": 500,
"trigger": 0.8
},
"throttle_interval": 0,
"throttle_retry_limit": 0
},
"restricted_types": [],
"versions": [
"Default"
]
}
},
"active": true,
"date_created": "2024-05-27T10:24:31.099Z",
"hmac_enabled": false,
"id": "",
"is_inactive": false,
"key_expires_in": 2592000,
"last_updated": "1716980105",
"max_query_depth": -1,
"meta_data": {
"user_type": "mobile_user"
},
"name": "Sample policy",
"org_id": "664a14650619d40001f1f00f",
"partitions": {
"acl": true,
"complexity": false,
"per_api": false,
"quota": true,
"rate_limit": true
},
"per": 60,
"quota_max": 10000,
"quota_renewal_rate": 3600,
"rate": 1000,
"smoothing": {
"delay": 30,
"enabled": false,
"step": 100,
"threshold": 500,
"trigger": 0.8
},
"tags": [
"security"
],
"throttle_interval": 10,
"throttle_retry_limit": 10
}
],
"Pages": 1
}Search list of policies.
Search list of policies. If query parameter q is a policy ID it will look for policies that have the given ID. However if q is not a policy ID it will return policies with whose name matches the patten based via q query parameter. If you send a policy ID in query parameter q and also send query parameter policy_ids,only policy_ids will be used for searching.
curl --request GET \
--url https://{tenant}/api/portal/policies/search \
--header 'Authorization: Bearer <token>'{
"Data": [
{
"_id": "363635373039383964393864643030303031646131376631",
"access_rights": {
"8ddd91f3cda9453442c477b06c4e2da4": {
"allowance_scope": "",
"allowed_types": [],
"allowed_urls": [
{
"methods": [
"GET"
],
"url": "/users"
}
],
"api_id": "8ddd91f3cda9453442c477b06c4e2da4",
"api_name": "Itachi API",
"disable_introspection": false,
"field_access_rights": [],
"limit": {
"max_query_depth": 0,
"per": 0,
"quota_max": 0,
"quota_remaining": 0,
"quota_renewal_rate": 0,
"quota_renews": 0,
"rate": 0,
"set_by_policy": false,
"smoothing": {
"delay": 30,
"enabled": false,
"step": 100,
"threshold": 500,
"trigger": 0.8
},
"throttle_interval": 0,
"throttle_retry_limit": 0
},
"restricted_types": [],
"versions": [
"Default"
]
}
},
"active": true,
"date_created": "2024-05-27T10:24:31.099Z",
"hmac_enabled": false,
"id": "",
"is_inactive": false,
"key_expires_in": 2592000,
"last_updated": "1716980105",
"max_query_depth": -1,
"meta_data": {
"user_type": "mobile_user"
},
"name": "Sample policy",
"org_id": "664a14650619d40001f1f00f",
"partitions": {
"acl": true,
"complexity": false,
"per_api": false,
"quota": true,
"rate_limit": true
},
"per": 60,
"quota_max": 10000,
"quota_renewal_rate": 3600,
"rate": 1000,
"smoothing": {
"delay": 30,
"enabled": false,
"step": 100,
"threshold": 500,
"trigger": 0.8
},
"tags": [
"security"
],
"throttle_interval": 10,
"throttle_retry_limit": 10
}
],
"Pages": 1
}Authorizations
The Tyk Dashboard API Access Credentials
Query Parameters
Search for policy using policy ID or name.
A list of comma separated policy IDs that you want to search for.
Send any value in this query parameter to return only the active policies.
Return policies whose state field matches the sent value e.g if you send state as deny policies returned are those whose state filed value is set as deny.
deny, active, draft Field you want to use to sort the returned policies.
date_created, name, state Comma separate list of API IDs. Return only policy that that have the given API IDs in their access_right.
Return policy whose auth_type field has the given value.
Use p query parameter to say which page you want returned. Send number less than 0 to return all items.
Response
List of policies.
Show child attributes
Show child attributes
Show child attributes
Show child attributes
Show child attributes
Show child attributes
"d1dfc6a927a046c54c0ed470f19757cc"
"Rate Limit Proxy API"
false
Show child attributes
Show child attributes
Show child attributes
Show child attributes
Show child attributes
Show child attributes
Delay is a hold-off between smoothing events and controls how frequently the current allowance will step up or down (in seconds).
x >= 1Enabled indicates if rate limit smoothing is active.
Step is the increment by which the current allowance will be increased or decreased each time a smoothing event is emitted.
x >= 1Threshold is the initial rate limit beyond which smoothing will be applied. It is a count of requests during the per interval and should be less than the maximum configured rate.
x >= 1Trigger is a fraction (typically in the range 0.1-1.0) of the step at which point a smoothing event will be emitted as the request rate approaches the current allowance.
x >= 0Must be a multiple of 0.01["Default", "v2"]Show child attributes
Show child attributes
Delay is a hold-off between smoothing events and controls how frequently the current allowance will step up or down (in seconds).
x >= 1Enabled indicates if rate limit smoothing is active.
Step is the increment by which the current allowance will be increased or decreased each time a smoothing event is emitted.
x >= 1Threshold is the initial rate limit beyond which smoothing will be applied. It is a count of requests during the per interval and should be less than the maximum configured rate.
x >= 1Trigger is a fraction (typically in the range 0.1-1.0) of the step at which point a smoothing event will be emitted as the request rate approaches the current allowance.
x >= 0Must be a multiple of 0.01Was this page helpful?