Skip to main content

Documentation Index

Fetch the complete documentation index at: https://tyk.io/docs/llms.txt

Use this file to discover all available pages before exploring further.

Tyk MDCB Configuration

The Tyk MDCB server is configured primarily via the tyk_sink.conf file, this file resides in /opt/tyk-sink on most systems, but can also live anywhere and be directly targeted with the -c flag.

Environment Variables

Environment variables (env var) can be used to override the settings defined in the configuration file. Where an environment variable is specified, its value will take precedence over the value in the configuration file.

Environment Variable Type Mapping

When configuring Tyk components using environment variables, it’s important to understand how different data types are represented. The type of each variable is based on its definition in the Go source code. This section provides a guide on how to format values for common data types.
Go TypeEnvironment Variable FormatExample
stringA regular string of text.TYK_GW_SECRET="mysecret"
int, int64A whole number.TYK_GW_LISTENPORT=8080
booltrue or false.TYK_GW_USEDBAPPCONFIG=true
[]stringA comma-separated list of strings.TYK_PMP_PUMPS_STDOUT_FILTERS_SKIPPEDAPIIDS="api1,api2,api3"
map[string]stringA comma-separated list of key:value pairs.TYK_GW_GLOBALHEADERS="X-Tyk-Test:true,X-Tyk-Version:1.0"
map[string]interface{}A JSON string representing the object.TYK_GW_POLICIES_POLICYSOURCE_CONFIG='{"connection_string": "..."}'
For complex types like map[string]interface{}, the value should be a valid JSON string. For []string and map[string]string, ensure there are no spaces around the commas unless they are part of the value itself.

Default Ports

ApplicationPort
MongoDB27017
Redis6379
Tyk Dashboard
Developer Portal3000
Admin Dashboard3000
Admin Dashboard API3000
Tyk Gateway
Management API8080
MDCB
RPC services9090
HTTP endpoints8181

listen_port

ENV: TYK_MDCB_LISTENPORT
Type: int
 The RPC port to which Data Plane Gateways will connect. You must open this port to accept connections via your firewall.
Default if not set: 9091.

healthcheck_port

ENV: TYK_MDCB_HEALTHCHECKPORT
Type: int
 This port lets MDCB allow standard health checks.
Default if not set: 8181. Deprecated: Use http_port instead.

healthcheck

Healthcheck settings

healthcheck.cache_renewal_period

ENV: TYK_MDCB_HEALTHCHECK_CACHERENEWALPERIOD
Type: int
 Specifies the time interval (in seconds) at which the healthchecker refreshes its cached health status information (redis and DB).

http_port

ENV: TYK_MDCB_HTTPPORT
Type: int
 The HTTP port exposes different endpoints for monitoring and debugging MDCB. The default value is 8181. Exposed endpoints include:
  • /health - Provides the health status of MDCB.
  • /dataplanes - Provides information about the dataplanes connected to MDCB (security.enable_http_secure_endpoints must be enabled).
  • /debug/pprof/* - Provides profiling information (enable_http_profiler must be enabled).

enable_http_profiler

ENV: TYK_MDCB_HTTPPROFILE
Type: bool
 Enable debugging of your Tyk MDCB by exposing profiling information.

server_options

MDCB gorpc server configuration

server_options.use_ssl

ENV: TYK_MDCB_SERVEROPTIONS_USESSL
Type: bool
 If use_ssl is set to true, you need to enter the cert_file and key_file path names for certificate.

server_options.certificate

cert data to expose the http server

server_options.certificate.cert_file

ENV: TYK_MDCB_SERVEROPTIONS_CERTIFICATE_CERTFILE
Type: string
 Filesystem location for pem encoded certificate

server_options.certificate.key_file

ENV: TYK_MDCB_SERVEROPTIONS_CERTIFICATE_KEYFILE
Type: string
 Filesystem location for pem encoded private key

server_options.min_version

ENV: TYK_MDCB_SERVEROPTIONS_MINVERSION
Type: uint16
 The min_version setting should be the minimum TLS protocol version required from the client.
For TLS 1.0 use 769
For TLS 1.1 use 770
For TLS 1.2 use 771
For TLS 1.3 use 772
See Controlling TLS Version & Cipher Suites for more details.

server_options.ssl_ciphers

ENV: TYK_MDCB_SERVEROPTIONS_CIPHERS
Type: []string
 Is the list of names supported cipher suites (IANA) for TLS versions up to TLS 1.2. This defaults to a list of secure cipher suites.

server_options.ssl_certificates

ENV: TYK_MDCB_SERVEROPTIONS_SSLCERTIFICATES
Type: []string
 SSL certificates used by your MDCB server. A list of certificate IDs or path to files.

http_server_options

HTTPServerOptions configures SSL/TLS for the HTTP server, affecting security settings. It applies to endpoints like /health for health checks, /dataplanes for node information and /debug/pprof/ for performance profiling.

http_server_options.use_ssl

ENV: TYK_MDCB_HTTPSERVEROPTIONS_USESSL
Type: bool
 If use_ssl is set to true, you need to enter the cert_file and key_file path names for certificate.

http_server_options.certificate

cert data to expose the http server

http_server_options.certificate.cert_file

ENV: TYK_MDCB_HTTPSERVEROPTIONS_CERTIFICATE_CERTFILE
Type: string
 Filesystem location for pem encoded certificate

http_server_options.certificate.key_file

ENV: TYK_MDCB_HTTPSERVEROPTIONS_CERTIFICATE_KEYFILE
Type: string
 Filesystem location for pem encoded private key

http_server_options.min_version

ENV: TYK_MDCB_HTTPSERVEROPTIONS_MINVERSION
Type: uint16
 The min_version setting should be the minimum TLS protocol version required from the client.
For TLS 1.0 use 769
For TLS 1.1 use 770
For TLS 1.2 use 771
For TLS 1.3 use 772
See Controlling TLS Version & Cipher Suites for more details.

http_server_options.ssl_ciphers

ENV: TYK_MDCB_HTTPSERVEROPTIONS_CIPHERS
Type: []string
 Is the list of names supported cipher suites (IANA) for TLS versions up to TLS 1.2. This defaults to a list of secure cipher suites.

http_server_options.ssl_certificates

ENV: TYK_MDCB_HTTPSERVEROPTIONS_SSLCERTIFICATES
Type: []string
 SSL certificates used by your MDCB server. A list of certificate IDs or path to files.

security.private_certificate_encoding_secret

ENV: TYK_MDCB_SECURITY_PRIVATECERTIFICATEENCODINGSECRET
Type: string
 If you are using encrypted private keys, this is the secret to use to decrypt them. This must match the secret used for Gateway and Dashboard as explained here.

storage

This section describes your centralised Redis DB. This will act as your main key store for all of your clusters.

storage.type

ENV: TYK_MDCB_STORAGE_TYPE
Type: string
 Currently, the only storage type supported is Redis.

storage.host

ENV: TYK_MDCB_STORAGE_HOST
Type: string
 Hostname of your Redis server

storage.port

ENV: TYK_MDCB_STORAGE_PORT
Type: int
 The port the Redis server is listening on.

storage.master_name

ENV: TYK_MDCB_STORAGE_MASTERNAME
Type: string
 It defines the sentinel master name

storage.sentinel_password

ENV: TYK_MDCB_STORAGE_SENTINELPASSWORD
Type: string
 If set, redis sentinel will authenticate using this password.

storage.username

ENV: TYK_MDCB_STORAGE_USERNAME
Type: string
 If set, a redis connection will be established with this user. If not set then it will defaults to the default redis user

storage.password

ENV: TYK_MDCB_STORAGE_PASSWORD
Type: string
 Optional auth password for Redis db

storage.database

ENV: TYK_MDCB_STORAGE_DATABASE
Type: int
 By default, the database is 0. Setting the database is not supported with redis cluster. As such, if you have storage.redis_cluster:true, then this value should be omitted or explicitly set to 0.

storage.optimisation_max_idle

ENV: TYK_MDCB_STORAGE_MAXIDLE
Type: int
 MDCB will open a pool of connections to Redis. This setting will configure how many connections are maintained in the pool when idle (no traffic). Set the max_idle value to something large, we usually leave it at around 2000 for HA deployments.

storage.optimisation_max_active

ENV: TYK_MDCB_STORAGE_MAXACTIVE
Type: int
 In order to not over commit connections to the Redis server, we may limit the total number of active connections to Redis. We recommend for production use to set this to around 4000.

storage.enable_cluster

ENV: TYK_MDCB_STORAGE_ENABLECLUSTER
Type: bool
 If you are using Redis cluster, enable it here to enable the slots mode.

storage.hosts

ENV: TYK_MDCB_STORAGE_HOSTS
Type: map[string]string
 Add your Redis hosts here as a map of hostname:port. This field is required when storage.enable_cluster is set to true. example:
{
"server1": "6379",
"server2": "6380",
"server3": "6381"
}

storage.addrs

ENV: TYK_MDCB_STORAGE_ADDRS
Type: []string
 It can be either a single address or a seed list of host:port addresses of cluster/sentinel nodes. It overrides the value of hosts.

storage.redis_use_ssl

ENV: TYK_MDCB_STORAGE_REDISUSESSL
Type: bool
 If set, MDCB will assume the connection to Redis is encrypted. (use with Redis providers that support in-transit encryption). Deprecated. Use use_ssl instead.

storage.redis_ssl_insecure_skip_verify

ENV: TYK_MDCB_STORAGE_REDISSSLINSECURESKIPVERIFY
Type: bool
 Allows usage of self-signed certificates when connecting to an encrypted Redis database. Deprecated. Use ssl_insecure_skip_verify instead.

storage.timeout

ENV: TYK_MDCB_STORAGE_TIMEOUT
Type: int
 Set a custom timeout for Redis network operations. Default value is 5 seconds.

storage.use_ssl

ENV: TYK_MDCB_STORAGE_USESSL
Type: bool
 Enable SSL/TLS connection between Tyk MDCB & Redis.

storage.ssl_insecure_skip_verify

ENV: TYK_MDCB_STORAGE_SSLINSECURESKIPVERIFY
Type: bool
 Disable TLS verification.

storage.ca_file

ENV: TYK_MDCB_STORAGE_CAFILE
Type: string
 Path to the CA file.

storage.cert_file

ENV: TYK_MDCB_STORAGE_CERTFILE
Type: string
 Path to the cert file.

storage.key_file

ENV: TYK_MDCB_STORAGE_KEYFILE
Type: string
 Path to the key file.

storage.max_version

ENV: TYK_MDCB_STORAGE_MAXVERSION
Type: string
 Maximum TLS version that is supported. Options: [“1.0”, “1.1”, “1.2”, “1.3”]. Defaults to “1.3”.

storage.min_version

ENV: TYK_MDCB_STORAGE_MINVERSION
Type: string
 Minimum TLS version that is supported. Options: [“1.0”, “1.1”, “1.2”, “1.3”]. Defaults to “1.2”.

analytics

configuration of the store of analytics

analytics.type

ENV: TYK_MDCB_ANALYTICSCONFIG_TYPE
Type: DBType
 Determines the storage type. It could be mongo or postgres. By default, the value is mongo.

analytics.connection_string

ENV: TYK_MDCB_ANALYTICSCONFIG_CONNECTIONSTRING
Type: string
 This is used to configure the conenction string for the storage.

analytics.table_sharding

ENV: TYK_MDCB_ANALYTICSCONFIG_TABLESHARDING
Type: bool
 Enable table sharding for SQL Analytics

analytics.batch_size

ENV: TYK_MDCB_ANALYTICSCONFIG_BATCHSIZE
Type: int
 Max Batch size for SQL Analytics

analytics.postgres.prefer_simple_protocol

ENV: TYK_MDCB_ANALYTICSCONFIG_POSTGRES_PREFERSIMPLEPROTOCOL
Type: bool
 disables implicit prepared statement usage

analytics.mysql.default_string_size

ENV: TYK_MDCB_ANALYTICSCONFIG_MYSQL_DEFAULTSTRINGSIZE
Type: uint
 default size for string fields. By default set to: 256

analytics.mysql.disable_datetime_precision

ENV: TYK_MDCB_ANALYTICSCONFIG_MYSQL_DISABLEDATETIMEPRECISION
Type: bool
 disable datetime precision, which not supported before MySQL 5.6

analytics.mysql.dont_support_rename_index

ENV: TYK_MDCB_ANALYTICSCONFIG_MYSQL_DONTSUPPORTRENAMEINDEX
Type: bool
 drop & create when rename index, rename index not supported before MySQL 5.7, MariaDB

analytics.mysql.dont_support_rename_column

ENV: TYK_MDCB_ANALYTICSCONFIG_MYSQL_DONTSUPPORTRENAMECOLUMN
Type: bool
 change when rename column, rename column not supported before MySQL 8, MariaDB

analytics.mysql.skip_initialize_with_version

ENV: TYK_MDCB_ANALYTICSCONFIG_MYSQL_SKIPINITIALIZEWITHVERSION
Type: bool
 auto configure based on currently MySQL version

analytics.mongo_url

ENV: TYK_MDCB_ANALYTICSCONFIG_MONGOURL
Type: string
 Connection string for MongoDB.

analytics.mongo_use_ssl

ENV: TYK_MDCB_ANALYTICSCONFIG_MONGOUSESSL
Type: bool
 A Boolean setting for Mongo SSL support. Set to true to enable SSL.

analytics.mongo_ssl_insecure_skip_verify

ENV: TYK_MDCB_ANALYTICSCONFIG_MONGOSSLINSECURESKIPVERIFY
Type: bool
 This setting allows the use of self-signed certificates when connecting to an encrypted MongoDB database.

analytics.mongo_ssl_allow_invalid_hostnames

ENV: TYK_MDCB_ANALYTICSCONFIG_MONGOSSLALLOWINVALIDHOSTNAMES
Type: bool
 Ignore hostname check when it differs from the original (for example with SSH tunneling). The rest of the TLS verification will still be performed

analytics.mongo_ssl_ca_file

ENV: TYK_MDCB_ANALYTICSCONFIG_MONGOSSLCAFILE
Type: string
 Path to the PEM file with trusted root certificates

analytics.mongo_ssl_pem_keyfile

ENV: TYK_MDCB_ANALYTICSCONFIG_MONGOSSLPEMKEYFILE
Type: string
 Path to the PEM file which contains both client certificate and private key. This is required for Mutual TLS.

analytics.mongo_session_consistency

ENV: TYK_MDCB_ANALYTICSCONFIG_MONGOSESSIONCONSISTENCY
Type: string
 Set the consistency mode for the session, it defaults to Strong. The valid values are:
  • eventual monotonic

analytics.mongo_batch_size

ENV: TYK_MDCB_ANALYTICSCONFIG_MONGOBATCHSIZE
Type: int
 Sets the batch size for mongo results.

analytics.driver

ENV: TYK_MDCB_ANALYTICSCONFIG_DRIVER
Type: string
 Use mongo-go to use the official mongo driver. Alternatively, use mgo to use the old driver. Since v2.4.3, the default driver is mongo-go.

analytics.mongo_direct_connection

ENV: TYK_MDCB_ANALYTICSCONFIG_MONGODIRECTCONNECTION
Type: bool
 MongoDirectConnection informs whether to establish connections only with the specified seed servers, or to discover and establish connections with further servers within the cluster. If true, the client will only connect to the host provided in the ConnectionString and won’t attempt to discover other servers within the cluster. Useful when network restrictions prevent discovery, such as with SSH tunneling. Default is false.

analytics.mongo_ignore_aggregations

ENV: TYK_MDCB_ANALYTICSCONFIG_MONGOIGNOREAGGREGATIONS
Type: []string
 List of aggregate types to exclude from storage. Aggregates in this list are dropped before being written to the collection. See pumps.mongoaggregate.meta.ignore_aggregations for detailed behavior.

analytics.mongo_enable_aggregate_self_healing

ENV: TYK_MDCB_ANALYTICSCONFIG_MONGOENABLEAGGREGATESELFHEALING
Type: bool
 If set to true, enables self-healing for aggregate data. See pumps.mongoaggregate.meta.enable_aggregate_self_healing for detailed behavior.

hash_keys

ENV: TYK_MDCB_HASHKEYS
Type: bool
 Set to true if you are using a hashed configuration installation of Tyk, otherwise set to false.

session_timeout

ENV: TYK_MDCB_SESSIONTIMEOUT
Type: int64
 Number of seconds before the gateways are forced to re-login. Default is 86400 (24 hours).

invalid_key_cache_ttl

ENV: TYK_MDCB_INVALIDKEYCACHETTL
Type: int
 Number of seconds to cache invalid session keys. When a gateway attempts to login with a non-existent or invalid key, it is cached to prevent repeated Redis lookups. Default is 180 seconds (3 minutes). Lower values (e.g., 30) allow faster recovery after Redis outages but increase Redis load from retries. Higher values better protect Redis from bad key hammering but delay recovery from temporary failures.

forward_analytics_to_pump

ENV: TYK_MDCB_FORWARDANALYTICSTOPUMP
Type: bool
 Instead of sending analytics directly to MongoDB, MDCB can send analytics to Redis. This will allow [tyk-pump] (https://github.com/TykTechnologies/tyk-pump) to pull analytics from Redis and send to your own data sinks.

enable_multiple_analytics_keys

ENV: TYK_MDCB_ENABLEMULTIPLEANALYTICSKEYS
Type: bool
 Instead of saving all the analytics in one key, this will enable to save the analytics in multiple keys. It’s specially useful when you are using Redis cluster. This will work only if forward_analytics_to_pump is true and tyk-pump is v1.2.1+ .

dont_store_selective

ENV: TYK_MDCB_DONTSTORESELECTIVE
Type: bool
 set to true if you don’t want to store selective analytics

dont_store_aggregate

ENV: TYK_MDCB_DONTSTOREAGGREGATES
Type: bool
 Set to true to don’t store aggregate analytics

org_session_expiration

ENV: TYK_MDCB_ORGCACHEEXPIRATION
Type: int
 Sets the organization cache expiration in minutes. By default, 60 minutes. This will only work with tyk-sink 1.9+

org_session_cleanup

ENV: TYK_MDCB_ORGCACHECLEANUP
Type: int
 Sets the organization cache cleanup interval in minutes. By default, 60 minutes. This will only work with tyk-sink 1.9+.

license

ENV: TYK_MDCB_LICENSE
Type: string
 Enter your license in this section so MDCB can start.

track_all_paths

ENV: TYK_MDCB_TRACKALLPATHS
Type: bool
 Currently, analytics for an endpoint is stored only if Track Endpoint plugin is enabled on that endpoint. If track_all_paths is enabled, it will store analytics for all the endpoints, irrespective of Track Endpoint plugin.

store_analytics_per_minute

ENV: TYK_MDCB_STOREANALYTICSPERMINUTE
Type: bool
 Enable to generate aggregated per minute. By default it will generate aggregate data per hour. If this option is enabled, aggregate data will be generated per minute.

ignore_tag_prefix_list

ENV: TYK_MDCB_IGNORETAGPREFIXLIST
Type: []string
 if set to true then it will not store analytics for tags having prefix specified in the list. Note: Prefix “key-” is added in the list by default. This tag is added by gateway for keys.

threshold_len_tag_list

ENV: TYK_MDCB_THRESHOLDLENTAGLIST
Type: int
 If number of tags in a document grows beyond threshold_len_tag_list, pump will throw a warning, it works for mongo aggregate pump. The warning will print top 5 common tag prefix. Default value is 1000. To disable alerts set it to -1.

omit_analytics_index_creation

ENV: TYK_MDCB_OMITANALYTICSINDEXCREATION
Type: bool
 Set to true to disable the Mongo storages default index creation. More detailed behavior explained at https://tyk.io/docs/tyk-pump/tyk-pump-configuration/tyk-pump-dashboard-config/#omitting-indexes.

enable_separate_analytics_store

ENV: TYK_MDCB_ENABLESEPERATEANALYTICSSTORE
Type: bool
 Set it to true if you are using a separated analytic storage in the Control Plane Gateway. If forward_analytics_to_pump is true, it will forward the analytics to the separated storage specified in analytics_storage.

analytics_storage

This section describes your separated analytic Redis DB. It has the same fields as storage. It requires enable_separate_analytics_store set to true.

analytics_storage.type

ENV: TYK_MDCB_ANALYTICSSTORAGE_TYPE
Type: string
 Currently, the only storage type supported is Redis.

analytics_storage.host

ENV: TYK_MDCB_ANALYTICSSTORAGE_HOST
Type: string
 Hostname of your Redis server

analytics_storage.port

ENV: TYK_MDCB_ANALYTICSSTORAGE_PORT
Type: int
 The port the Redis server is listening on.

analytics_storage.master_name

ENV: TYK_MDCB_ANALYTICSSTORAGE_MASTERNAME
Type: string
 It defines the sentinel master name

analytics_storage.sentinel_password

ENV: TYK_MDCB_ANALYTICSSTORAGE_SENTINELPASSWORD
Type: string
 If set, redis sentinel will authenticate using this password.

analytics_storage.username

ENV: TYK_MDCB_ANALYTICSSTORAGE_USERNAME
Type: string
 If set, a redis connection will be established with this user. If not set then it will defaults to the default redis user

analytics_storage.password

ENV: TYK_MDCB_ANALYTICSSTORAGE_PASSWORD
Type: string
 Optional auth password for Redis db

analytics_storage.database

ENV: TYK_MDCB_ANALYTICSSTORAGE_DATABASE
Type: int
 By default, the database is 0. Setting the database is not supported with redis cluster. As such, if you have storage.redis_cluster:true, then this value should be omitted or explicitly set to 0.

analytics_storage.optimisation_max_idle

ENV: TYK_MDCB_ANALYTICSSTORAGE_MAXIDLE
Type: int
 MDCB will open a pool of connections to Redis. This setting will configure how many connections are maintained in the pool when idle (no traffic). Set the max_idle value to something large, we usually leave it at around 2000 for HA deployments.

analytics_storage.optimisation_max_active

ENV: TYK_MDCB_ANALYTICSSTORAGE_MAXACTIVE
Type: int
 In order to not over commit connections to the Redis server, we may limit the total number of active connections to Redis. We recommend for production use to set this to around 4000.

analytics_storage.enable_cluster

ENV: TYK_MDCB_ANALYTICSSTORAGE_ENABLECLUSTER
Type: bool
 If you are using Redis cluster, enable it here to enable the slots mode.

analytics_storage.hosts

ENV: TYK_MDCB_ANALYTICSSTORAGE_HOSTS
Type: map[string]string
 Add your Redis hosts here as a map of hostname:port. This field is required when storage.enable_cluster is set to true. example:
{
"server1": "6379",
"server2": "6380",
"server3": "6381"
}

analytics_storage.addrs

ENV: TYK_MDCB_ANALYTICSSTORAGE_ADDRS
Type: []string
 It can be either a single address or a seed list of host:port addresses of cluster/sentinel nodes. It overrides the value of hosts.

analytics_storage.redis_use_ssl

ENV: TYK_MDCB_ANALYTICSSTORAGE_REDISUSESSL
Type: bool
 If set, MDCB will assume the connection to Redis is encrypted. (use with Redis providers that support in-transit encryption). Deprecated. Use use_ssl instead.

analytics_storage.redis_ssl_insecure_skip_verify

ENV: TYK_MDCB_ANALYTICSSTORAGE_REDISSSLINSECURESKIPVERIFY
Type: bool
 Allows usage of self-signed certificates when connecting to an encrypted Redis database. Deprecated. Use ssl_insecure_skip_verify instead.

analytics_storage.timeout

ENV: TYK_MDCB_ANALYTICSSTORAGE_TIMEOUT
Type: int
 Set a custom timeout for Redis network operations. Default value is 5 seconds.

analytics_storage.use_ssl

ENV: TYK_MDCB_ANALYTICSSTORAGE_USESSL
Type: bool
 Enable SSL/TLS connection between Tyk MDCB & Redis.

analytics_storage.ssl_insecure_skip_verify

ENV: TYK_MDCB_ANALYTICSSTORAGE_SSLINSECURESKIPVERIFY
Type: bool
 Disable TLS verification.

analytics_storage.ca_file

ENV: TYK_MDCB_ANALYTICSSTORAGE_CAFILE
Type: string
 Path to the CA file.

analytics_storage.cert_file

ENV: TYK_MDCB_ANALYTICSSTORAGE_CERTFILE
Type: string
 Path to the cert file.

analytics_storage.key_file

ENV: TYK_MDCB_ANALYTICSSTORAGE_KEYFILE
Type: string
 Path to the key file.

analytics_storage.max_version

ENV: TYK_MDCB_ANALYTICSSTORAGE_MAXVERSION
Type: string
 Maximum TLS version that is supported. Options: [“1.0”, “1.1”, “1.2”, “1.3”]. Defaults to “1.3”.

analytics_storage.min_version

ENV: TYK_MDCB_ANALYTICSSTORAGE_MINVERSION
Type: string
 Minimum TLS version that is supported. Options: [“1.0”, “1.1”, “1.2”, “1.3”]. Defaults to “1.2”.

log_level

ENV: TYK_MDCB_LOGLEVEL
Type: string
 You can now set a logging level (log_level). The following levels can be set: debug, info, warn, error. If not set or left empty, it will default to info.

enable_key_logging

ENV: TYK_MDCB_ENABLEKEYLOGGING
Type: bool
 EnableKeyLogging prints the unhashed keys without obfuscating them in the logs

sync_worker_config

Configuration of the MDCB Synchroniser functionality introduced in MDCB v2.0.0

sync_worker_config.enabled

ENV: TYK_MDCB_SYNCWORKER_ENABLED
Type: bool
 Enable the MDCB Synchroniser

sync_worker_config.hash_keys

ENV: TYK_MDCB_SYNCWORKER_HASHKEYS
Type: bool
 Allows the worker to synchronize hashed API keys. Set this to true if hash_keys is true in dashboard and gateway configuration.

sync_worker_config.max_batch_size

ENV: TYK_MDCB_SYNCWORKER_MAXBATCHSIZE
Type: int
 The maximum number of keys that we can fetch per batch. Default value: 1000 keys per batch.

sync_worker_config.time_between_batches

ENV: TYK_MDCB_SYNCWORKER_TIMEBETWEENBATCHES
Type: int
 Specifies a cooldown time between batches in seconds. 0 / disabled by default.

sync_worker_config.max_workers

ENV: TYK_MDCB_SYNCWORKER_MAXWORKERS
Type: int
 Specifies the maximum number of Groups (worker GW clusters) that can be synchronised by MDCB at the same time. Increasing this value can affect the operation of MDCB so it is recommended that you only modify this value if you need to synchronise a higher number of datacenters. Default value: 1000.

sync_worker_config.warmup_time

ENV: TYK_MDCB_SYNCWORKER_WARMUPTIME
Type: int
 Specifies the time (in seconds) that MDCB should wait before starting to synchronise workers with the controller. This is to allow the worker nodes to load APIs and policies from local Redis before synchronising the other resources. Default value: 2 seconds.

sync_worker_config.group_key_ttl

ENV: TYK_MDCB_SYNCWORKER_GROUPKEYTTL
Type: int
 Specifies the group key TTL in seconds. This key is used to prevent a group of gateways from re-syncing when is not required. On login (GroupLogin call), if the key doesn’t exist then the sync process is triggered. If the key exists then the TTL just gets renewed. In case the cluster of gateways is down, the key will expire and get removed and if they connect again a sync process will be triggered. Default value: 180 seconds. Min value: 30 seconds.

enable_ownership

ENV: TYK_MDCB_ENABLEOWNERSHIP
Type: bool
 Enables API Ownership in MDCB. If set, the Data Plane Gateways will load only APIs that are accessible by the user and user group associated with the Gateways’ slave_options.api_key used to connect to MDCB.

escape_dots_in_oas_paths

ENV: TYK_MDCB_ESCAPEDOTSINOASPATHS
Type: bool
 When enabled, dots in OAS field names are escaped with double underscores to prevent MongoDB field name conflicts, and unescaped on read.