API traffic management, transformation and security solutions

Use Tyk to manage your API traffic so that you can operate, scale and monetise efficiently. Our API gateway traffic management solution is secure, reliable and easy to use.

Secure, shape and transform your traffic with Tyk’s API security platform

Tyk delivers industry-standard API traffic management and security solutions without the hidden extras. Everything you need to manage your traffic and secure your APIs and microservices is included as standard.


Shape your traffic how you want, when you want, with Tyk’s traffic management solutions. Benefit from:

  • API rate limiting – to ensure your API doesn’t get flooded with requests
  • Request throttling – automatically queue and auto-retry client requests when quota or rate limits are hit
  • Request quotas – to enable you to control requests over longer periods
  • Request size limits – enforceable at the API and individual endpoint level
  • Key expiry – set API token lifetimes to ensure regular recycling
  • Load balancing – native round-robin load balancing to rotate requests through target hosts
  • Circuit breaker – rate-based, to trigger events for corrective or logging action
  • Progressive delivery – to build on core CI/CD principles

Easy, effective API traffic transformation


Transform your API traffic however you need with Tyk’s open source API gateway. You can convert to and from SOAP, xml, REST and GraphQL to meet your needs, while delivering a single, unified point of entry for your API consumers. You can also use scriptable or dedicated middleware to modify inbound and outbound body data and header information on the fly.

We give you, your team and your entire organisation the tools you need to transform your traffic quickly and easily. Achieve what you need in just a few clicks – whatever your service or stack looks like, Tyk works around you. Transform your SOAP services to REST, or combine all of your legacy endpoints into GraphQL… whatever you need to ensure that your APIs are the first-class citizens they deserve to be.

An API security solution for when it counts most

From healthcare to fintech, global enterprises rely on Tyk’s API security solutions.

Industry-standard security in just a few clicks

Consistent, reliable API security has never been more important. Tyk enables your organisation to achieve it simply and effectively. We don’t hide the tools you need behind a paywall or limit what you can achieve – everything you need is included from the outset. Use Tyk for:

  • Authentication and authorisation – multiple security options to lock-down your APIs and microservices, designed to work with open standards
  • Security policies – to enable easy application of multiple security options
  • Certificate pinning – protection in case of upstream certificate compromise
  • Key level security – robust access control at key level
  • Key hashing – token obfuscation using a key hash
  • TLS and MTLS – Tyk supports TLS connections and Mutual TLS
  • Password policy – control password requirements for dashboard users, developers and basic auth keys

 You can use Tyk Dashboard to enable multiple security options and concepts, for secure traffic and compliance with open standards. That’s why Tyk is proven and trusted by banks, governments, healthcare providers and more.  

Take an API-led approach to success

Tyk’s approach to API management is to enable your business to achieve more. With Tyk managing your traffic and APIs, you can: 

  • Shape your traffic to optimise the performance of your APIs and microservices
  • Secure your services rapidly and effectively
  • Take care of your legacy spaghetti while providing a consistent façade to your consumers
  • Make life easier for your developers and less stressful for your CTO

Tyk fits around your architecture and your processes, whether you’ve got a single API or a hugely complex global empire.

Everything you need in one easy-to-implement solution

Keep your developers and your CEO happy


Tyk does things your way. We fit around your architecture, processes and workflows to enable you to secure, shape and transform your traffic with ease. Whether you’re multi-region, cloud-native, microservices or monolith, we deliver. We integrate API workflows with your CI/CD pipeline, all in line with GitOps best practices.


Tyk works with financial institutions, healthcare providers and regulated industries all over the world. We are trusted to do things properly.

What is a traffic management API gateway?

A traffic management API gateway is an API gateway solution that enables you to securely shape and transform your traffic. It sits between your backend services and those consuming them, presenting a single, unified point of entry for consumers while allowing you to maintain your backend.

With Tyk’s traffic management API gateway, you have a powerful range of options at your fingertips, to allow you to optimise your traffic flows to underpin seamless performance and make the most of monetisation opportunities.