Tyk v2.2 Documentation Components

HomeTyk v2.2 Documentation ComponentsSecurity Policies: Partitioned

Security Policies: Partitioned

In some cases, the all-or-nothing approach of policies, where all components of access control, quota and rate limit are set together isn’t ideal, and instead you may wish to have only one or two segments of a token managed at a policy level. A good example is a scenario where you are providing access tokens across a sliding scale of quota’s that vary from user to user, here having many policies is inefficient, you might as well set those values on the token level. However you do not want to manage access control lists on a per-token level.

in this case, a partitioned policy can come in useful.

A partitioned policy can enforce any of these elements individually or together on a token:

  • The ACL
  • The Rate limit
  • The Quota limit

To set up a policy to be partitioned:

This is very easy, you simply need to add a new field to your policy object:

"partitions": {
    "quota": false,
    "rate_limit": false,
    "acl": false
Field reference:
  • quota: If set to true, enforce the quota element of this policy
  • rate_limit: If set to true, enforce the rate limit of this policy
  • acl: If set totrue`, enforce the access control rules of this policy

Partitions can be applied together, if you select all of them then essentially the whole policy will be enforced.

Warning about partitioned policies

Partitioned policies are not suitable for developer portal deployment or generative tokens such as JWT or OAuth clients linked to Policies and should not be used for this case

Was this article helpful to you? Yes No