Access an API

Last updated: 7 minutes read.

Tutorial: Create an API Key with the Dashboard

The Tyk Dashboard is the simplest way to generate a new Key.

We have a video walkthrough for creating an API Key.

Step 1: Select “Keys” from the “System Management” section

Keys menu

Step 2: Click CREATE

Add key

Step 3: Add a Policy or API to your Key

You have the option to add your new key to either an existing Policy or an existing individual API. For this Tutorial we are going to use an API.

Add an API to your Key

To select an API, you can either:

  • Scroll through your API Name list
  • Use the Search field
  • You can also Group by Authentication Type to filter your APIs
  • You can also Group by Category

You can leave all other options at their default settings.

Step 4: Add Configuration Details

You use the Configuration section to set the following:

  1. Enable Detailed Logging. This is disabled by default and isn’t required for this tutorial
  2. Give your Key an Alias. This makes your key easier
  3. Set an Expiry time after which the key will expire. Select a value from the drop-down list. This is a required setting. See Key Expiry for more details.
  4. Add Tags to your policy. Any tags you add can be used when filtering Analytics Data. Tags are case sensitive.
  5. Add Metadata to your policy. Adding metadata such as User IDs can be used by middleware components. See Session Metadata for more details.

Step 4: Click CREATE

Create button

A Key successfully generated pop-up will be displayed with the key shown. You must save this somewhere for future reference as it will not be displayed again. Click Copy to clipboard and paste into a text document.

Key success message location

That’s it, you’ve created a key - now you can try and use it.

Tutorial: Create an API Key with the API

To create an API key, you will need the API ID that we wish to grant the key access to. Creating the token is then an API call to the endpoint.

You will also need your own API Key, to get these values:

  1. Select Users from the System Management section.
  2. In the users list, click Edit for your user.
  3. The API key is the Tyk Dashboard API Access Credentials, copy this somewhere you can reference it.

    API key location

  4. Select APIs from the System Management section.
  5. From the Actions menu for your API, select Copy API ID

API ID location

Once you have these values, you can use them to access the Dashboard API, the below curl command will generate a key for one of your APIs:

Note

  1. Replace the authorization header value with your Tyk Dashboard API Access Credentials
  2. Replace the API ID (ad5004d961a147d4649fd3216694ebe2) with your API ID
  3. It’s recommended to validate the JSON using JSON validator to avoid any malformed input error
curl -X POST -H "authorization: 1238b7e0e2ff4c2957321724409ee2eb" \
  -s \
  -H "Content-Type: application/json" \
  -X POST \
  -d '{
    "allowance": 1000,
    "rate": 1000,
    "per": 1,
    "expires": -1,
    "quota_max": -1,
    "quota_renews": 1449051461,
    "quota_remaining": -1,
    "quota_renewal_rate": 60,
    "access_rights": {
      "ad5004d961a147d4649fd3216694ebe2": {
        "api_id": "ad5004d961a147d4649fd3216694ebe2",
        "api_name": "test-api",
        "versions": ["Default"]
      }
    },
    "meta_data": {}
  }' https://admin.cloud.tyk.io/api/keys | python -mjson.tool

You will see a 200 response with your new key:

{
  "api_model": {},
  "key_id": "59bf9159adbab8abcdefghijac9299a1271641b94fbaf9913e0e048c",
  "data": {...}
}

The value returned in the key_id parameter of the response is the access key you can now use to access the API that was specified in the access_rights section of the call.

Tutorial: Create an API Key with the Dashboard

The Tyk Dashboard is the simplest way to generate a new Key.

We have a video walkthrough for creating an API Key.

Step 1: Select “Keys” from the “System Management” section

Keys menu

Step 2: Click CREATE

Add key

Step 3: Add a Policy or API to your Key

You have the option to add your new key to either an existing Policy or an existing individual API. For this Tutorial we are going to use an API.

Add an API to your Key

To select an API, you can either:

  • Scroll through your API Name list
  • Use the Search field
  • You can also Group by Authentication Type to filter your APIs
  • You can also Group by Category

You can leave all other options at their default settings.

Step 4: Add Configuration Details

You use the Configuration section to set the following:

  1. Enable Detailed Logging. This is disabled by default and isn’t required for this tutorial
  2. Give your Key an Alias. This makes your key easier
  3. Set an Expiry time after which the key will expire. Select a value from the drop-down list. This is a required setting. See Key Expiry for more details.
  4. Add Tags to your policy. Any tags you add can be used when filtering Analytics Data. Tags are case sensitive.
  5. Add Metadata to your policy. Adding metadata such as User IDs can be used by middleware components. See Session Metadata for more details.

Step 4: Click CREATE

Create button

A Key successfully generated pop-up will be displayed with the key shown. You must save this somewhere for future reference as it will not be displayed again. Click Copy to clipboard and paste into a text document.

Key success message location

That’s it, you’ve created a key - now you can try and use it.

Tutorial: Create an API Key with the API

To create an API key, you will need the API ID that we wish to grant the key access to. Creating the token is then an API call to the endpoint.

You will also need your own API Key, to get these values:

  1. Select Users from the System Management section.
  2. In the users list, click Edit for your user.
  3. The API key is the Tyk Dashboard API Access Credentials, copy this somewhere you can reference it.

    API key location

  4. Select APIs from the System Management section.
  5. From the Actions menu for your API, select Copy API ID

API ID location

Once you have these values, you can use them to access the Dashboard API, the below curl command will generate a key for one of your APIs:

Note

  1. Replace the authorization header value with your Tyk Dashboard API Access Credentials
  2. Replace the API ID (ad5004d961a147d4649fd3216694ebe2) with your API ID
  3. It’s recommended to validate the JSON using JSON validator to avoid any malformed input error
curl -X POST -H "authorization: 1238b7e0e2ff4c2957321724409ee2eb" \
  -s \
  -H "Content-Type: application/json" \
  -X POST \
  -d '{
    "allowance": 1000,
    "rate": 1000,
    "per": 1,
    "expires": -1,
    "quota_max": -1,
    "quota_renews": 1449051461,
    "quota_remaining": -1,
    "quota_renewal_rate": 60,
    "access_rights": {
      "ad5004d961a147d4649fd3216694ebe2": {
        "api_id": "ad5004d961a147d4649fd3216694ebe2",
        "api_name": "test-api",
        "versions": ["Default"]
      }
    },
    "meta_data": {}
  }' https://admin.cloud.tyk.io/api/keys | python -mjson.tool

You will see a response with your new key:

{
  "action": "create",
  "key": "c2cb92a78f944e9a46de793fe28e847e",
  "status": "ok"
}

The value returned in the key parameter of the response is the access key you can now use to access the API that was specified in the access_rights section of the call.

To create an API Key, you will need the API ID that we wish to grant the key access to, then creating the key is an API call to the endpoint.

Prerequisite

  • You will need your API secret, this is the secret property of the tyk.conf file.

Once you have this value, you can use them to access the Gateway API, the below curl command will generate a key for one of your APIs, remember to replace {API-SECRET}, {API-ID} and {API-NAME} with the real values as well as the curl domain name and port to be the correct values for your environment.

curl -X POST -H "x-tyk-authorization: {API-SECRET}" \
  -s \
  -H "Content-Type: application/json" \
  -X POST \
  -d '{
    "allowance": 1000,
    "rate": 1000,
    "per": 1,
    "expires": -1,
    "quota_max": -1,
    "org_id": "1",
    "quota_renews": 1449051461,
    "quota_remaining": -1,
    "quota_renewal_rate": 60,
    "access_rights": {
      "{API-ID}": {
        "api_id": "{API-ID}",
        "api_name": "{API-NAME}",
        "versions": ["Default"]
      }
    },
    "meta_data": {}
  }' http://localhost:8080/tyk/keys/create | python -mjson.tool

The above creates a new key with the rate limits, and security profile that grants access to the APIs listed in the access_rights section.

  • {API-ID}: The API ID you wish this policy to grant access to, there can be more than one of these entries.
  • {API-NAME}: The name of the API being granted access to (this is not required, but helps when debugging or auditing).

The important elements:

  • access_rights: A list of objects representing which APIs you have configured to grant access to.
  • rate and per: The number of allowed requests per period.
  • quota_max: The maximum number of allowed requests over a quota period.
  • quota_renewal_rate: how often the quota resets, in seconds. In this case, we have set it to renew every hour.

You will see a response with your new key:

{
  "action": "create",
  "key": "c2cb92a78f944e9a46de793fe28e847e",
  "status": "ok"
}

The value returned in the key parameter of the response is the access key you can now use to access the API that was specified in the access_rights section of the call.