Skip to main content
This page contains all release notes for Tyk AI Studio, displayed in reverse chronological order. Each release covers the AI Studio control plane, the Edge Gateway, and the bundled enterprise and community plugins. Tyk AI Studio is available as a Community edition (open source) and an Enterprise edition.

2.1 Release Notes

2.1.0 Release Notes

Release Date 14 May 2026

Release Highlights

Tyk AI Studio 2.1.0 is the first feature release on the 2.x line. It expands the range of AI providers you can manage, gives compliance teams visibility into what your guardrails are actually doing, and makes the platform easier to monitor and extend. AWS Bedrock support You can now connect AWS Bedrock as an LLM provider, alongside OpenAI, Anthropic, and the other supported vendors. Bedrock works everywhere the other vendors do: in the chat interface, through the OpenAI-compatible API, with full streaming, and on Edge Gateways. Applications already built with the AWS SDK can call Bedrock through Tyk without any code changes, so you get governance, budgets, and analytics on top of your existing integration. The LLM setup form guides you through entering AWS credentials, which can be stored encrypted using AI Studio’s secrets manager. See what your guardrails are doing with Compliance Events Until now, the Compliance dashboard could only show you requests that were blocked outright. In practice, most governance activity is quieter than that: a filter redacts an email address, rewrites a risky passage, or flags something suspicious while letting the request through. Those interventions were invisible. With Compliance Events, your content filters can record exactly what they did and why. The events appear in a new Filter Events tab on the Compliance dashboard, where you can filter by severity, drill into the details, follow trends over time, and export everything to CSV for audits. Events recorded on Edge Gateways flow back to the central dashboard automatically. See Filters to get started. Monitor AI Studio with your existing tools AI Studio and the Edge Gateway now publish operational metrics that Prometheus, Grafana, and OpenTelemetry-based tools can scrape out of the box: request volumes, token usage, cost, tool calls, policy blocks, and latency. Monitoring is on by default, so most teams just need to point their existing dashboards at it. Keep sensitive conversations out of your logs A new per-LLM setting, Disable Request/Response Body Logging, stops the content of requests and responses from being stored in logs and analytics for that provider. Usage counts, costs, and performance data are still recorded. This is designed for teams handling regulated or sensitive data who need usage visibility without retaining the conversations themselves. New plugins Enterprise customers get a new OAuth2 plugin that connects AI Studio to identity providers such as Auth0, Microsoft Entra ID, and Okta, automatically setting up access for new applications based on the permissions defined in your identity provider. The community plugin collection adds a flexible rate limiter for LLM traffic and a plugin that keeps model pricing up to date automatically.

Breaking Changes

Custom analytics handlers need a small update. This only affects you if your team has written a custom analytics handler plugin. The handler interface changed in this release, so custom implementations need their method signatures updated before upgrading. The details are in the Plugin SDK Reference. If you only use the built-in analytics, no action is needed.

Upgrade Instructions

  • Database changes are automatic. The schema updates itself on first startup after the upgrade; there is no manual migration step. One side effect: analytics recorded before the upgrade cannot be attributed to a specific LLM configuration, so older traffic will not appear in the new per-LLM detail views.

Changelog

Added
We have added AWS Bedrock as a fully supported LLM vendor. Bedrock models work through the chat interface, the OpenAI-compatible API, and streaming connections, on both the embedded gateway and Edge Gateways. Applications built directly on the AWS SDK can point at Tyk and keep working unchanged, gaining authentication, budgets, and analytics on the way through. The LLM form includes dedicated AWS credential fields, and credentials can be kept encrypted at rest using the secrets manager. See LLM Management.
Content filters can now record structured events describing what they did: PII redacted, content rewritten, a policy matched, or an error quietly handled. Each event carries a severity (info, warning, or critical) and supporting detail.The Compliance dashboard surfaces these events with new summary cards for critical and warning activity, a clearer split between requests that were blocked and requests that were flagged but allowed through, risk scores that account for event severity, and a dedicated Filter Events tab with filtering, trends, and CSV export. Events from Edge Gateways are collected centrally and appear alongside everything else.The filter scripts that ship with AI Studio (PII redaction, content blocking, response guardrails) have been updated to record these events out of the box. See Compliance Events.
AI Studio and the Edge Gateway now expose a standard metrics endpoint covering request counts, token usage, cost, tool calls, policy blocks, latency, and in-flight requests. It works with Prometheus, Grafana, and any OpenTelemetry-based monitoring stack, and is enabled by default. See Analytics & Monitoring for the full list of metrics and configuration options.
A new Disable Request/Response Body Logging option on each LLM keeps the content of requests and responses out of logs and analytics for that provider, while still recording usage, cost, and performance data. It applies on both the embedded gateway and Edge Gateways, and is switched off by default so existing behavior is unchanged.
Plugin developers get three new capabilities: gateway plugins can register applications directly on an Edge Gateway (so access can be granted immediately rather than waiting for the next configuration sync), Studio plugins can read model pricing data, and new text-handling helpers prevent a class of errors when plugins process files in unusual encodings. See the Plugin SDK Reference.
A new enterprise plugin connects AI Studio to external identity providers such as Auth0, Microsoft Entra ID, and Okta. When a new client authenticates for the first time, the plugin can automatically create its application in AI Studio from a template you define, mapped from the permissions assigned in your identity provider. Providers are managed from a new admin UI screen.
The community plugin collection gains a rate limiter for LLM traffic, with limits on requests, tokens, and concurrent calls that can target specific models or applications. It includes a shadow mode for trying out rules safely before enforcing them. A second new plugin keeps your model pricing table up to date automatically by syncing from a public pricing source on a schedule, with a dry-run mode and dashboard UI.
Users can now export any chat conversation to PDF using the print button, in both standard and agent chats. See Chat Interface.
Changed
Previously, if you configured two connections to the same vendor (for example, separate Anthropic accounts for different departments), their traffic was mixed together in the LLM detail view. Each configuration now reports its own traffic, including traffic from Edge Gateways. Data recorded before the upgrade pre-dates this change and remains unattributed.
References to the secrets manager are now resolved consistently across more of the platform: in LLM provider settings (which is what enables encrypted AWS credentials for Bedrock), in data source connections used for RAG, when resuming chat sessions, and when configuration is synced to Edge Gateways. Previously some of these paths could receive a placeholder instead of the real credential.
Plugins now pick up configuration changes immediately instead of holding stale settings until a restart. Deleting and re-creating a plugin resource with the same name no longer fails. API responses now hide sensitive values in LLM metadata, and tool credentials are no longer returned in plain text by the admin API.
Fixed
Requests arriving through the OpenAI-compatible endpoint for Bedrock now go through the same application authentication, budget checks, and logging as every other route. Streaming Bedrock traffic is fully recorded in analytics, the model name is captured on all Bedrock paths, and records are no longer lost when a client disconnects right after a streaming response completes.
A browser security check (CSRF) was incorrectly rejecting legitimate requests in development setups and in the community quickstart, and in some cases requests could continue processing even after being rejected. Both issues are resolved.
Files containing accented characters, emoji, or non-standard encodings could fail during RAG document processing. Document chunking and file processing now handle these correctly.
Manually triggering a plugin marketplace sync now fetches the latest catalog immediately, instead of sometimes receiving a cached copy.