API Definition
Last updated: 4 minutes read.
The ApiDefinition custom resource defines configuration of Tyk Classic API Definition object.
Here are the supported features:
API Types
Type | Support | Supported From | Comments | Sample |
---|---|---|---|---|
HTTP | ✅ | v0.1 | - | HTTP Proxy |
HTTPS | ✅ | v0.4 | - | HTTPS Proxy |
TCP | ✅ | v0.1 | - | TCP Proxy |
TLS | ✅ | v0.1 | - | |
GraphQL - Proxy | ✅ | v0.1 | - | GraphQL Proxy |
Universal Data Graph v1 | ✅ | v0.1 | - | UDG v1 Proxy |
Universal Data Graph v2 | ✅ | v0.12 | - | UDG v2 Proxy |
GraphQL - Federation | ✅ | v0.12 | - | GraphQL Federation |
Management of APIs
Type | Support | Supported From | Comments | Sample |
---|---|---|---|---|
API Name | ✅ | v0.1 | - | API Name |
API Status (inactive/active) | ✅ | v0.2 | - | API Active Status |
API Categories | ✅ | v0.1 | - | API Categories |
API ID | ✅ | v0.1 | - | API ID |
API Ownership | ✅ | v0.12 | - | API Ownership |
API Versioning | ✅ | v0.1 | - | API Versioning |
Traffic Routing
Type | Supported | Supported From | Comments | Sample |
---|---|---|---|---|
Path-Based Proxy | ✅ | v0.1 | - | HTTP Proxy |
Host-Based Proxy | ✅ | v0.1 | - | HTTP Host-based Proxy |
Target URL | ✅ | v0.1 | - | HTTP Proxy |
Client to Gateway Authentication and Authorization
Type | Supported | Supported From | Comments | Sample |
---|---|---|---|---|
Keyless | ✅ | v0.1 | - | Keyless |
Auth Token | ✅ | v0.1 | - | Auth Token |
JWT | ✅️ | v0.5 | - | JWT |
OpenID Connect | ❌ | - | JWT is the recommended way configuring OIDC. Please see OpenID Connect documentation for details. | |
OAuth2 | ❌ | - | JWT is the recommended way to configure OAuth2. Please see OpenID Connect documentation for details. | |
Client mTLS | ✅ | v0.11 | Only static client mTLS is supported | mTLS |
HMAC | ❌ | - | Not implemented | |
Basic Authentication | ✅ | v0.12 | Only enabling with default metadata values is supported | Basic Auth |
Custom Authentication Plugin (Go) | ✅ | v0.11 | - | Custom Auth (go) |
Custom Authentication Plugin (gRPC) | ✅ | v0.1 | - | Custom Auth (gRPC) |
Multiple Authentication | ✅ | v0.14 | - | Multiple Auth |
IP Allowlist | ✅ | v0.5 | - | IP Allowlist |
IP Blocklist | ✅ | v0.5 | - | IP Blocklist |
Gateway to Upstream Authentication
Type | Supported | Supported From | Comments | Sample |
---|---|---|---|---|
Upstream Certificates mTLS | ✅ | v0.9 | Upstream mTLS | |
Public Key Certificate Pinning | ✅ | v0.9 | Certificate Pinning | |
Upstream Request Signing | ❌ | - | Not implemented |
API-level (Global) Features
Feature | Supported | Supported From | Comments | Sample |
---|---|---|---|---|
Detailed recording (in Log Browser) | ✅ | v0.4.0 | - | Detailed recording |
Config Data | ✅ | v0.8.2 | - | Config Data |
Context Variables | ✅ | v0.1 | - | Context Variables |
Cross Origin Resource Sharing (CORS) | ✅ | v0.2 | - | CORS |
Service Discovery | ⚠️ | - | Untested | |
Segment Tags | ✅ | v0.1 | - | Segment Tags |
Internal API (not exposed by Gateway) | ✅ | v0.6.0 | - | API Accessibility |
Global (API-level) Header Transform | ✅ | v0.1.0 | - | Global Header Transform |
Global (API-level) Rate Limit | ✅ | v0.10 | - | Global Rate Limit |
Custom Plugins | ✅ | v0.1 | - | Custom Plugins |
Analytics Plugin | ✅ | v0.16.0 | - | Analytics Plugins |
Batch Requests | ❌ | - | - | |
Custom Analytics Tags (Tag Headers) | ✅ | v0.10.0 | - | Custom Analytics Tags (Tag Headers) |
Expire Analytics After | ❌ | - | - | |
Do not track Analytics (per API) | ✅ | v0.1.0 | - | Do Not Track |
Webhooks | ❌ | - | - | |
Looping | ✅ | v0.6 | - | Internal Looping |
Round Robin Load Balancing | ✅ | - | - | Load Balancing |
Endpoint-level Features
Endpoint Middleware | Supported | Supported From | Comments | Sample |
---|---|---|---|---|
Allow list | ✅️ | v0.8.2 | - | Allow list |
Block list | ✅️ | v0.8.2 | - | Block list |
Cache | ✅ | v0.1 | - | Cache |
Advance Cache | ✅ | v0.1 | - | Advanced Cache |
Circuit Breaker | ✅ | v0.5 | - | Circuit Breaker |
Track Endpoint | ✅ | v0.1 | Track Endpoint | |
Do Not Track Endpoint | ✅ | v0.1 | Do Not Track Endpoint | |
Enforced Timeouts | ✅ | v0.1 | - | Enforced Timeouts |
Ignore Authentication | ✅ | v0.8.2 | - | Ignore Authentication |
Internal Endpoint | ✅ | v0.1 | - | Internal Endpoint |
URL Rewrite | ✅️ | v0.1 | - | URL Rewrite |
Validate Request | ✅ | v0.8.2 | - | Validate Request |
Rate Limit | ❌ | - | - | |
Request Size Limit | ✅️ | v0.1 | - | Request Size Limit |
Request Method Transform | ✅ | v0.5 | - | Request Method Transform |
Request Header Transform | ✅ | v0.1 | - | Request Header Transform |
Request Body Transform | ✅ | v0.1 | - | Request Body Transform |
Request Body JQ Transform | ⚠️ | v0.1 | Requires JQ on Gateway Docker Image | |
Response Header Transform | ✅ | v0.1 | - | Response Header Transform |
Response Body Transform | ✅ | v0.1 | - | Response Body Transform |
Response Body JQ Transform | ⚠️ | v0.1 | Requires JQ on Gateway Docker Image | |
Mock Response | ✅ | v0.1 | - | Mock Response |
Virtual Endpoint | ✅ | v0.1 | - | Virtual Endpoint |
Per-Endpoint Plugin | ❌ | - | - | |
Persist Graphql | ❌ | - | - |