Overview
Last updated: 2 minutes read.
One of the critical aspects of API management is securing your APIs with authentication and authorization. This section provides an understanding of how to use Tyk Operator to secure your Tyk OAS APIs or Tyk Classic APIs.
Securing APIs using Tyk Operator
Tyk Operator supports configuration of Tyk OAS APIs and Tyk Classic APIs with 2 different custom resources definition (CRD):
-
TykOasApiDefinition: For Tyk OAS APIs, the
TykOasApiDefinition
CRD is used to manage and configure the API. To secure an Tyk OAS API with authentication, you need to update the referenced Tyk OAS API Definition, which is stored in a ConfigMap in JSON format, as illustrated in the Getting started tutorial.Tyk Operator can support all authentication types of a Tyk OAS API.
-
ApiDefinition: For APIs defined using the Classic format, the
ApiDefinition
CRD is used. Unlike the OAS API format, theApiDefinition
CRD is a strongly-typed custom resource that directly exposes fields for configuring different types of authentication methods supported by Tyk.In the Secure Tyk Classic API section, we have included a step by step guide, and example manifests for different authentication types.
If you’re using Tyk OAS APIs, then you can find details and examples of how to secure APIs with Tyk Operator here.
If you’re using Tyk Classic APIs, then you can find details and examples of how to secure APIs with Tyk Operator here.