> ## Documentation Index
> Fetch the complete documentation index at: https://tyk.io/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Tyk AI Studio Release Notes

> Release notes documenting updates, enhancements, and changes for Tyk AI Studio and its Edge Gateway.

**This page contains all release notes for Tyk AI Studio, displayed in reverse chronological order.** Each release covers the AI Studio control plane, the Edge Gateway, and the bundled enterprise and community plugins.

Tyk AI Studio is available as a [Community edition](/nightly/ai-management/ai-studio/overview#community-edition) (open source) and an [Enterprise edition](/nightly/ai-management/ai-studio/overview#enterprise-edition).

***

## 2.1 Release Notes

### 2.1.0 Release Notes

#### Release Date 14 May 2026

#### Release Highlights

Tyk AI Studio 2.1.0 is the first feature release on the 2.x line. It expands the range of AI providers you can manage, gives compliance teams visibility into what your guardrails are actually doing, and makes the platform easier to monitor and extend.

**AWS Bedrock support**

You can now connect [AWS Bedrock](/nightly/ai-management/ai-studio/llm-management) as an LLM provider, alongside OpenAI, Anthropic, and the other supported vendors. Bedrock works everywhere the other vendors do: in the chat interface, through the OpenAI-compatible API, with full streaming, and on Edge Gateways. Applications already built with the AWS SDK can call Bedrock through Tyk without any code changes, so you get governance, budgets, and analytics on top of your existing integration. The LLM setup form guides you through entering AWS credentials, which can be stored encrypted using AI Studio's secrets manager.

**See what your guardrails are doing with Compliance Events**

Until now, the Compliance dashboard could only show you requests that were blocked outright. In practice, most governance activity is quieter than that: a filter redacts an email address, rewrites a risky passage, or flags something suspicious while letting the request through. Those interventions were invisible.

With [Compliance Events](/nightly/ai-management/ai-studio/compliance-events), your content filters can record exactly what they did and why. The events appear in a new Filter Events tab on the Compliance dashboard, where you can filter by severity, drill into the details, follow trends over time, and export everything to CSV for audits. Events recorded on Edge Gateways flow back to the central dashboard automatically. See [Filters](/nightly/ai-management/ai-studio/filters#compliance-event-reporting) to get started.

**Monitor AI Studio with your existing tools**

AI Studio and the Edge Gateway now publish [operational metrics](/nightly/ai-management/ai-studio/analytics#prometheus-and-opentelemetry-metrics) that Prometheus, Grafana, and OpenTelemetry-based tools can scrape out of the box: request volumes, token usage, cost, tool calls, policy blocks, and latency. Monitoring is on by default, so most teams just need to point their existing dashboards at it.

**Keep sensitive conversations out of your logs**

A new per-LLM setting, **Disable Request/Response Body Logging**, stops the content of requests and responses from being stored in logs and analytics for that provider. Usage counts, costs, and performance data are still recorded. This is designed for teams handling regulated or sensitive data who need usage visibility without retaining the conversations themselves.

**New plugins**

Enterprise customers get a new OAuth2 plugin that connects AI Studio to identity providers such as Auth0, Microsoft Entra ID, and Okta, automatically setting up access for new applications based on the permissions defined in your identity provider. The community plugin collection adds a flexible rate limiter for LLM traffic and a plugin that keeps model pricing up to date automatically.

#### Breaking Changes

**Custom analytics handlers need a small update.** This only affects you if your team has written a custom analytics handler plugin. The handler interface changed in this release, so custom implementations need their method signatures updated before upgrading. The details are in the [Plugin SDK Reference](/nightly/ai-management/ai-studio/plugins/sdk). If you only use the built-in analytics, no action is needed.

#### Upgrade Instructions

* **Database changes are automatic.** The schema updates itself on first startup after the upgrade; there is no manual migration step. One side effect: analytics recorded before the upgrade cannot be attributed to a specific LLM configuration, so older traffic will not appear in the new per-LLM detail views.

#### Changelog

##### Added

<AccordionGroup>
  <Accordion title="AWS Bedrock as an LLM provider">
    We have added AWS Bedrock as a fully supported LLM vendor. Bedrock models work through the chat interface, the OpenAI-compatible API, and streaming connections, on both the embedded gateway and Edge Gateways. Applications built directly on the AWS SDK can point at Tyk and keep working unchanged, gaining authentication, budgets, and analytics on the way through. The LLM form includes dedicated AWS credential fields, and credentials can be kept encrypted at rest using the secrets manager. See [LLM Management](/nightly/ai-management/ai-studio/llm-management).
  </Accordion>

  <Accordion title="Compliance Events">
    Content filters can now record structured events describing what they did: PII redacted, content rewritten, a policy matched, or an error quietly handled. Each event carries a severity (info, warning, or critical) and supporting detail.

    The Compliance dashboard surfaces these events with new summary cards for critical and warning activity, a clearer split between requests that were blocked and requests that were flagged but allowed through, risk scores that account for event severity, and a dedicated Filter Events tab with filtering, trends, and CSV export. Events from Edge Gateways are collected centrally and appear alongside everything else.

    The filter scripts that ship with AI Studio (PII redaction, content blocking, response guardrails) have been updated to record these events out of the box. See [Compliance Events](/nightly/ai-management/ai-studio/compliance-events).
  </Accordion>

  <Accordion title="Operational metrics for Prometheus and OpenTelemetry">
    AI Studio and the Edge Gateway now expose a standard metrics endpoint covering request counts, token usage, cost, tool calls, policy blocks, latency, and in-flight requests. It works with Prometheus, Grafana, and any OpenTelemetry-based monitoring stack, and is enabled by default. See [Analytics & Monitoring](/nightly/ai-management/ai-studio/analytics#prometheus-and-opentelemetry-metrics) for the full list of metrics and configuration options.
  </Accordion>

  <Accordion title="Per-LLM control over body logging">
    A new **Disable Request/Response Body Logging** option on each LLM keeps the content of requests and responses out of logs and analytics for that provider, while still recording usage, cost, and performance data. It applies on both the embedded gateway and Edge Gateways, and is switched off by default so existing behavior is unchanged.
  </Accordion>

  <Accordion title="Plugin SDK additions">
    Plugin developers get three new capabilities: gateway plugins can register applications directly on an Edge Gateway (so access can be granted immediately rather than waiting for the next configuration sync), Studio plugins can read model pricing data, and new text-handling helpers prevent a class of errors when plugins process files in unusual encodings. See the [Plugin SDK Reference](/nightly/ai-management/ai-studio/plugins/sdk).
  </Accordion>

  <Accordion title="OAuth2 client credentials plugin (Enterprise)">
    A new enterprise plugin connects AI Studio to external identity providers such as Auth0, Microsoft Entra ID, and Okta. When a new client authenticates for the first time, the plugin can automatically create its application in AI Studio from a template you define, mapped from the permissions assigned in your identity provider. Providers are managed from a new admin UI screen.
  </Accordion>

  <Accordion title="Community plugins: rate limiter and model price sync">
    The community plugin collection gains a rate limiter for LLM traffic, with limits on requests, tokens, and concurrent calls that can target specific models or applications. It includes a shadow mode for trying out rules safely before enforcing them. A second new plugin keeps your model pricing table up to date automatically by syncing from a public pricing source on a schedule, with a dry-run mode and dashboard UI.
  </Accordion>

  <Accordion title="Export chat conversations to PDF">
    Users can now export any chat conversation to PDF using the print button, in both standard and agent chats. See [Chat Interface](/nightly/ai-management/ai-studio/chat-interface).
  </Accordion>
</AccordionGroup>

##### Changed

<AccordionGroup>
  <Accordion title="Analytics now distinguish between LLM configurations that share a vendor">
    Previously, if you configured two connections to the same vendor (for example, separate Anthropic accounts for different departments), their traffic was mixed together in the LLM detail view. Each configuration now reports its own traffic, including traffic from Edge Gateways. Data recorded before the upgrade pre-dates this change and remains unattributed.
  </Accordion>

  <Accordion title="Stored secrets work in more places">
    References to the secrets manager are now resolved consistently across more of the platform: in LLM provider settings (which is what enables encrypted AWS credentials for Bedrock), in data source connections used for RAG, when resuming chat sessions, and when configuration is synced to Edge Gateways. Previously some of these paths could receive a placeholder instead of the real credential.
  </Accordion>

  <Accordion title="Plugin reliability improvements">
    Plugins now pick up configuration changes immediately instead of holding stale settings until a restart. Deleting and re-creating a plugin resource with the same name no longer fails. API responses now hide sensitive values in LLM metadata, and tool credentials are no longer returned in plain text by the admin API.
  </Accordion>
</AccordionGroup>

##### Fixed

<AccordionGroup>
  <Accordion title="Bedrock authentication and analytics gaps">
    Requests arriving through the OpenAI-compatible endpoint for Bedrock now go through the same application authentication, budget checks, and logging as every other route. Streaming Bedrock traffic is fully recorded in analytics, the model name is captured on all Bedrock paths, and records are no longer lost when a client disconnects right after a streaming response completes.
  </Accordion>

  <Accordion title="Security check no longer blocks the admin UI in development">
    A browser security check (CSRF) was incorrectly rejecting legitimate requests in development setups and in the community quickstart, and in some cases requests could continue processing even after being rejected. Both issues are resolved.
  </Accordion>

  <Accordion title="File handling for international text">
    Files containing accented characters, emoji, or non-standard encodings could fail during RAG document processing. Document chunking and file processing now handle these correctly.
  </Accordion>

  <Accordion title="Marketplace sync delay">
    Manually triggering a plugin marketplace sync now fetches the latest catalog immediately, instead of sometimes receiving a cached copy.
  </Accordion>
</AccordionGroup>
