HomeTyk Open Source API Gateway v2.xTutorialsSet up your first API (Pro Edition)

Set up your first API (Pro Edition)

To set up an API in the dashboard is very easy, first off, ensure you have Tyk running and that you can log in.

Step 1 – Create the API Definition

We provide several defaults for the setup of an initial API, so this is very quick.

  1. Browse to “System Management” -> “APIs”
  2. Click “Add new API”
  3. Give your API a name (this can be anything, it is for human reference only), lets call it “Test API”
  4. You will notice that the listen-path and the api-slug fields will auto-populate, lets leave these defaults
  5. Make sure that “Target URL” is set to “http://httpbin.org”
  6. At the ottom of the panel you will see the Access method, let’s leave this as Auth token so we can generate a key
  7. Click the “Save” button (in the top right)

Step 2 – Test it

Your API will have been created now and could take up to 10 seconds to propagate to the gateway nodes, lets make sure it’s working:

If you are using Docker (change the IP for OSX):

curl -H "Authorization: null" http://127.0.0.1/test-api/get

Output:
-------
{
    "error": "Key not authorised"
}

If you are using a standard install:

curl -H "Authorization: null" http://your-tyk-hostname:8080/test-api/get

Output:
-------
{
    "error": "Key not authorised"
}

As we can see, tyk is blocking the request because we’v e supplie null as the Authorization key, lets create a key to make suer that this all works:

Step 3 – Create a key

Creating a key is very simple, and there are many ways to do it, you can create a key via the Tyk REST API, via the Tyk Advanced API, via the dashboard GUI or via the portal developer flow.

Here we will show you two ways to create a key, either with the dashboard, or wit the Advanced API:

Creating a key with the Dashboard

  1. Go to “System Management” -> “Keys”
  2. Select “Add Key”
  3. Leave all the defaults except selecting “Test API” from the “Access Rights” drop-down and clicking “Add”, this will add an access rule tot he token for the API we just created. This is important, Tyk keys must have an access rule set
  4. Click “Create”, the page should scroll to the top and you will see the new key on the right-hand side in a green box

That’s it, you’ve created a key – now we can try and use it. It’s also possible to create a key using the dashboard’s API, we show you in the next section. If you don’t want to do this, feel free to go to step 4.

Creating a key with the advanced API:

To do this, you will first need your API key and the API ID of the API you want to grant access to, you can get these by:

  1. Click on “System Management” -> “Users” -> Your user name [Edit]
  2. The API key is under marked as “Tyk Dashboard API Access Credentials”, copy this somewhere you can reference it
  3. Select the “System Management” -> APIs, beside your new API Name is listed the API ID, store this as well

(Docker users will need to change the URL on the last line to http://tyk_dashboard.tyk_dashboard.docker:3000/api/keys because they need to target the dashboard domain directly)

Create the key:

```

curl -H "Authorization: {YOUR-API-KEY}" 
 -s 
 -H "Content-Type: application/json" 
 -X POST 
 -d '{
    "allowance": 1000,
    "rate": 1000,
    "per": 1,
    "expires": -1,
    "quota_max": -1,
    "quota_renews": 1449051461,
    "quota_remaining": -1,
    "quota_renewal_rate": 60,
    "access_rights": {
        "YOUR-API-ID": {
            "api_id": "YOUR-API-ID",
            "api_name": "Test API",
            "versions": ["Default"]
        }
    },
    "meta_data": {}
 }' 
 http://{YOUR-DASHBOARD-HOSTNAME}:3000/api/keys | python -mjson.tool

```

What are we doing in this command?

In this command we are instructing curl to add two headers (-H), one for our Authorization key, and another for the content type, we ask curl to operate silently (-s). We then ask curl to use the POST method (-X) and finally instruct the data to send with -d.

The final bit of the command instructs Tyk to use the Advanced Management API (this is actually the dashboard API), you can see this by us targeting port 3000 instead of 8080 of the gateway.

We then pipe the output returned by curl to a json prettifier in Python so you can a clean JSON object back.

The data being sent is a Session Object, these basically outline the rights for this key (see the [Access Rights section][1].

You should receive back a fully-formed session object, and the key ID for your new key:

{
    "api_model": {},
    "data": {
        "access_rights": {
            "16daffbca6f3442e67b456dc452f9313": {
                "allowed_urls": null,
                "api_id": "16daffbca6f3442e67b456dc452f9313",
                "api_name": "Test API",
                "versions": [
                    "Default"
                ]
            }
        },
        "allowance": 1000,
        "apply_policy_id": "",
        "basic_auth_data": {
            "hash_type": "",
            "password": ""
        },
        "data_expires": 0,
        "expires": -1,
        "hmac_enabled": false,
        "hmac_string": "",
        "is_inactive": false,
        "jwt_data": {
            "secret": ""
        },
        "last_check": 0,
        "meta_data": {},
        "monitor": {
            "trigger_limits": null
        },
        "oauth_client_id": "",
        "org_id": "53ac07777cbb8c2d53000002",
        "per": 1,
        "quota_max": -1,
        "quota_remaining": -1,
        "quota_renewal_rate": 60,
        "quota_renews": 1449051461,
        "rate": 1000,
        "tags": null
    },
    "key_id": "53ac07777cbb8c2d53000002f9eac85230db47ba725d51d699216b77"
}

Step 4. Using the new Key and API

Now lets try that original curl command again to use the key against our proxied API, in the below command, we’ve replaced the "Authorization": null header to use out API key:

curl -H "Authorization: 53ac07777cbb8c2d53000002f9eac85230db47ba725d51d699216b77" http://127.0.0.1/test-api/get

Output
------

{
  "args": {},
  "headers": {
    "Accept": "*/*",
    "Accept-Encoding": "gzip",
    "Authorization": "53ac07777cbb8c2d53000002f9eac85230db47ba725d51d699216b77",
    "Host": "httpbin.org",
    "User-Agent": "curl/7.35.0"
  },
  "origin": "127.0.0.1, 178.62.11.62",
  "url": "http://httpbin.org/get"
}

As you can see, the request worked, and HttpBin returned with a nice response mirroring our request.

Was this article helpful to you? Yes No