API Definition

Last updated: 4 minutes read.

The ApiDefinition custom resource defines configuration of Tyk Classic API Definition object.

Here are the supported features:

API Types

Type Support Supported From Comments Sample
HTTP v0.1 - HTTP Proxy
HTTPS v0.4 - HTTPS Proxy
TCP v0.1 - TCP Proxy
TLS v0.1 -
GraphQL - Proxy v0.1 - GraphQL Proxy
Universal Data Graph v1 v0.1 - UDG v1 Proxy
Universal Data Graph v2 v0.12 - UDG v2 Proxy
GraphQL - Federation v0.12 - GraphQL Federation

Management of APIs

Type Support Supported From Comments Sample
API Name v0.1 - API Name
API Status (inactive/active) v0.2 - API Active Status
API Categories v0.1 - API Categories
API ID v0.1 - API ID -
API Ownership v0.12 - API Ownership
API Versioning v0.1 - API Versioning

Traffic Routing

Type Supported Supported From Comments Sample
Path-Based Proxy v0.1 - HTTP Proxy
Host-Based Proxy v0.1 - HTTP Host-based Proxy
Target URL v0.1 - HTTP Proxy

Client to Gateway Authentication and Authorization

Type Supported Supported From Comments Sample
Keyless v0.1 - Keyless
Auth Token v0.1 - Auth Token
JWT ✅️ v0.5 - JWT
OpenID Connect - JWT is the recommended way configuring OIDC. Please see OpenID Connect documentation for details.
OAuth2 - JWT is the recommended way to configure OAuth2. Please see OpenID Connect documentation for details.
Client mTLS v0.11 Only static client mTLS is supported Client mTLS
HMAC - Not implemented
Basic Authentication v0.12 Only enabling with default metadata values is supported Basic Auth
Custom Authentication Plugin (Go) v0.11 - Custom Auth (go)
Custom Authentication Plugin (gRPC) v0.1 - Custom Auth (gRPC)
Multiple Authentication v0.14 - Multiple Auth
IP Allowlist v0.5 - IP Allowlist
IP Blocklist v0.5 - IP Blocklist

Gateway to Upstream Authentication

Type Supported Supported From Comments Sample
Upstream Certificates mTLS v0.9 Upstream mTLS
Public Key Certificate Pinning v0.9 Certificate Pinning
Upstream Request Signing - Not implemented

API-level (Global) Features

Feature Supported Supported From Comments Sample
Detailed recording (in Log Browser) v0.4.0 - Detailed recording
Config Data v0.8.2 - Config Data
Context Variables v0.1 - Context Variables
Cross Origin Resource Sharing (CORS) v0.2 - CORS
Service Discovery ⚠️ - Untested
Segment Tags v0.1 - Segment Tags
Internal API (not exposed by Gateway) v0.6.0 - API Accessibility
Global (API-level) Header Transform v0.1.0 - Global Header Transform
Global (API-level) Rate Limit v0.10 - Global Rate Limit
Custom Plugins v0.1 - Custom Plugins
Analytics Plugin v0.16.0 - Analytics Plugins
Batch Requests - -
Custom Analytics Tags (Tag Headers) v0.10.0 - Custom Analytics Tags (Tag Headers)
Expire Analytics After - -
Do not track Analytics (per API) v0.1.0 - Do Not Track -
Webhook Event Handler v1.0 - Webhook Event Handler
Looping v0.6 - Internal Looping
Round Robin Load Balancing - - Load Balancing

Endpoint-level Features

Endpoint Middleware Supported Supported From Comments Sample
Allow list ✅️ v0.8.2 - Allow list
Block list ✅️ v0.8.2 - Block list
Cache v0.1 - Cache
Advance Cache v0.1 - Advanced Cache
Circuit Breaker v0.5 - Circuit Breaker
Track Endpoint v0.1 Track Endpoint
Do Not Track Endpoint v0.1 Do Not Track Endpoint
Enforced Timeouts v0.1 - Enforced Timeouts
Ignore Authentication v0.8.2 - Ignore Authentication
Internal Endpoint v0.1 - Internal Endpoint
URL Rewrite ✅️ v0.1 - URL Rewrite
Validate Request v0.8.2 - Validate Request
Rate Limit - -
Request Size Limit ✅️ v0.1 - Request Size Limit
Request Method Transform v0.5 - Request Method Transform
Request Header Transform v0.1 - Request Header Transform
Request Body Transform v0.1 - Request Body Transform
Request Body JQ Transform ⚠️ v0.1 Requires JQ on Gateway Docker Image
Response Header Transform v0.1 - Response Header Transform
Response Body Transform v0.1 - Response Body Transform
Response Body JQ Transform ⚠️ v0.1 Requires JQ on Gateway Docker Image
Mock Response v0.1 - Mock Response
Virtual Endpoint v0.1 - Virtual Endpoint
Per-Endpoint Plugin - -
Persist Graphql - -