API Definition
Last updated: 4 minutes read.
The ApiDefinition custom resource defines configuration of Tyk Classic API Definition object.
Here are the supported features:
API Types
| Type | Support | Supported From | Comments | Sample |
|---|---|---|---|---|
| HTTP | ✅ | v0.1 | - | HTTP Proxy |
| HTTPS | ✅ | v0.4 | - | HTTPS Proxy |
| TCP | ✅ | v0.1 | - | TCP Proxy |
| TLS | ✅ | v0.1 | - | |
| GraphQL - Proxy | ✅ | v0.1 | - | GraphQL Proxy |
| Universal Data Graph v1 | ✅ | v0.1 | - | UDG v1 Proxy |
| Universal Data Graph v2 | ✅ | v0.12 | - | UDG v2 Proxy |
| GraphQL - Federation | ✅ | v0.12 | - | GraphQL Federation |
Management of APIs
| Type | Support | Supported From | Comments | Sample |
|---|---|---|---|---|
| API Name | ✅ | v0.1 | - | API Name |
| API Status (inactive/active) | ✅ | v0.2 | - | API Active Status |
| API Categories | ✅ | v0.1 | - | API Categories |
| API ID | ✅ | v0.1 | - | API ID |
| API Ownership | ✅ | v0.12 | - | API Ownership |
| API Versioning | ✅ | v0.1 | - | API Versioning |
Traffic Routing
| Type | Supported | Supported From | Comments | Sample |
|---|---|---|---|---|
| Path-Based Proxy | ✅ | v0.1 | - | HTTP Proxy |
| Host-Based Proxy | ✅ | v0.1 | - | HTTP Host-based Proxy |
| Target URL | ✅ | v0.1 | - | HTTP Proxy |
Client to Gateway Authentication and Authorization
| Type | Supported | Supported From | Comments | Sample |
|---|---|---|---|---|
| Keyless | ✅ | v0.1 | - | Keyless |
| Auth Token | ✅ | v0.1 | - | Auth Token |
| JWT | ✅️ | v0.5 | - | JWT |
| OpenID Connect | ❌ | - | JWT is the recommended way configuring OIDC. Please see OpenID Connect documentation for details. | |
| OAuth2 | ❌ | - | JWT is the recommended way to configure OAuth2. Please see OpenID Connect documentation for details. | |
| Client mTLS | ✅ | v0.11 | Only static client mTLS is supported | mTLS |
| HMAC | ❌ | - | Not implemented | |
| Basic Authentication | ✅ | v0.12 | Only enabling with default metadata values is supported | Basic Auth |
| Custom Authentication Plugin (Go) | ✅ | v0.11 | - | Custom Auth (go) |
| Custom Authentication Plugin (gRPC) | ✅ | v0.1 | - | Custom Auth (gRPC) |
| Multiple Authentication | ✅ | v0.14 | - | Multiple Auth |
| IP Allowlist | ✅ | v0.5 | - | IP Allowlist |
| IP Blocklist | ✅ | v0.5 | - | IP Blocklist |
Gateway to Upstream Authentication
| Type | Supported | Supported From | Comments | Sample |
|---|---|---|---|---|
| Upstream Certificates mTLS | ✅ | v0.9 | Upstream mTLS | |
| Public Key Certificate Pinning | ✅ | v0.9 | Certificate Pinning | |
| Upstream Request Signing | ❌ | - | Not implemented |
API-level (Global) Features
| Feature | Supported | Supported From | Comments | Sample |
|---|---|---|---|---|
| Detailed recording (in Log Browser) | ✅ | v0.4.0 | - | Detailed recording |
| Config Data | ✅ | v0.8.2 | - | Config Data |
| Context Variables | ✅ | v0.1 | - | Context Variables |
| Cross Origin Resource Sharing (CORS) | ✅ | v0.2 | - | CORS |
| Service Discovery | ⚠️ | - | Untested | |
| Segment Tags | ✅ | v0.1 | - | Segment Tags |
| Internal API (not exposed by Gateway) | ✅ | v0.6.0 | - | API Accessibility |
| Global (API-level) Header Transform | ✅ | v0.1.0 | - | Global Header Transform |
| Global (API-level) Rate Limit | ✅ | v0.10 | - | Global Rate Limit |
| Custom Plugins | ✅ | v0.1 | - | Custom Plugins |
| Analytics Plugin | ✅ | v0.16.0 | - | Analytics Plugins |
| Batch Requests | ❌ | - | - | |
| Custom Analytics Tags (Tag Headers) | ✅ | v0.10.0 | - | Custom Analytics Tags (Tag Headers) |
| Expire Analytics After | ❌ | - | - | |
| Do not track Analytics (per API) | ✅ | v0.1.0 | - | Do Not Track |
| Webhooks | ❌ | - | - | |
| Looping | ✅ | v0.6 | - | Internal Looping |
| Round Robin Load Balancing | ✅ | - | - | Load Balancing |
Endpoint-level Features
| Endpoint Middleware | Supported | Supported From | Comments | Sample |
|---|---|---|---|---|
| Allow list | ✅️ | v0.8.2 | - | Allow list |
| Block list | ✅️ | v0.8.2 | - | Block list |
| Cache | ✅ | v0.1 | - | Cache |
| Advance Cache | ✅ | v0.1 | - | Advanced Cache |
| Circuit Breaker | ✅ | v0.5 | - | Circuit Breaker |
| Track Endpoint | ✅ | v0.1 | Track Endpoint | |
| Do Not Track Endpoint | ✅ | v0.1 | Do Not Track Endpoint | |
| Enforced Timeouts | ✅ | v0.1 | - | Enforced Timeouts |
| Ignore Authentication | ✅ | v0.8.2 | - | Ignore Authentication |
| Internal Endpoint | ✅ | v0.1 | - | Internal Endpoint |
| URL Rewrite | ✅️ | v0.1 | - | URL Rewrite |
| Validate Request | ✅ | v0.8.2 | - | Validate Request |
| Rate Limit | ❌ | - | - | |
| Request Size Limit | ✅️ | v0.1 | - | Request Size Limit |
| Request Method Transform | ✅ | v0.5 | - | Request Method Transform |
| Request Header Transform | ✅ | v0.1 | - | Request Header Transform |
| Request Body Transform | ✅ | v0.1 | - | Request Body Transform |
| Request Body JQ Transform | ⚠️ | v0.1 | Requires JQ on Gateway Docker Image | |
| Response Header Transform | ✅ | v0.1 | - | Response Header Transform |
| Response Body Transform | ✅ | v0.1 | - | Response Body Transform |
| Response Body JQ Transform | ⚠️ | v0.1 | Requires JQ on Gateway Docker Image | |
| Mock Response | ✅ | v0.1 | - | Mock Response |
| Virtual Endpoint | ✅ | v0.1 | - | Virtual Endpoint |
| Per-Endpoint Plugin | ❌ | - | - | |
| Persist Graphql | ❌ | - | - |