openapi: 3.0.0 info: title: Tyk Gateway API version: 2.8.0 description: |- The Tyk Gateway REST API is the primary means for integrating your application with the Tyk API Gateway system. This API is very small, and has no granular permissions system. It is intended to be used purely for internal automation and integration. **Warning: Under no circumstances should outside parties be granted access to this API.** The Tyk Gateway API is capable of: * Managing session objects (key generation) * Managing and listing policies * Managing and listing API Definitions (only when not using the Dashboard) * Hot reloads / reloading a cluster configuration * OAuth client creation (only when not using the Dashboard) In order to use the REST API, you'll need to set the `secret` parameter in your tyk.conf file. The shared secret you set should then be sent along as a header with each REST API Request in order for it to be successful: ``` x-tyk-authorization: ```
The Tyk Gateway API is subsumed by the Tyk Dashboard API in Pro installations. servers: - url: 'http://localhost/' - url: 'https://localhost/' tags: - name: Keys description: |- All keys that are used to access services via Tyk correspond to a session object that informs Tyk about the context of this particular token, like access rules and rate/quota allowance.

Hashed Keys Environment

Listing tokens is only possible if you set `enable_hashed_keys_listing` to `true`. See [Using Hashed Keys Environment Endpoints](https://tyk.io/docs/security/#a-name-key-hashing-a-key-hashing) section for more details. - endpoints `POST /tyk/keys/create`, `POST /tyk/keys` and `POST /tyk/keys/{keyName}` return `"key_hash"` for future use. - endpoint `GET /tyk/keys` retrieves all (or per API) key hashes. You can disable this endpoint by using the `tyk.conf` setting `enable_hashed_keys_listing` (set to false by default). - endpoint `GET /tyk/keys/{keyName}` is able to get a key by its hash. You need to provide the key hash as a `keyName`. and call it with the optional query parameter `hashed=true`. So the format is `GET /tyk/keys/{keyName}?hashed=true"`. - The same optional parameter is available for the `DELETE /tyk/keys/{keyName}?hashed=true` endpoint.

Example: Import Existing Keys into Tyk

You can use the `PUT /tyk/keys/{KEY_ID}` endpoint as defined below to import existing keys into Tyk. This example uses standard `authorization` header authentication, and assumes that the Dashboard is located at `127.0.0.1:8080` and the Tyk secret is `352d20ee67be67f6340b4c0605b044b7` - update these as necessary to match your environment. To import a key called `abc`, save the JSON contents as `token.json` (see example below), then run the following Curl command. ``` curl http://127.0.0.1:8080/tyk/keys/abc -H 'x-tyk-authorization: 352d20ee67be67f6340b4c0605b044b7' -H 'Content-Type: application/json' -d @token.json ``` The following request will fail as the key doesn't exist. ``` curl http://127.0.0.1:8080/quickstart/headers -H 'Authorization. invalid123' ``` But this request will now work, using the imported key. ``` curl http://127.0.0.1:8080/quickstart/headers -H 'Authorization: abc' ```

Example token.json file

``` { "allowance": 1000, "rate": 1000, "per": 60, "expires": -1, "quota_max": -1, "quota_renews": 1406121006, "quota_remaining": 0, "quota_renewal_rate": 60, "access_rights": { "3": { "api_name": "Tyk Test API", "api_id": "3" } }, "org_id": "53ac07777cbb8c2d53000002", "basic_auth_data": { "password": "", "hash_type": "" }, "hmac_enabled": false, "hmac_string": "", "is_inactive": false, "apply_policy_id": "", "apply_policies": [ "59672779fa4387000129507d", "53222349fa4387004324324e", "543534s9fa4387004324324d" ], "monitor": { "trigger_limits": [] } } ``` Additionally see key session object data format. - name: OAuth description: |- Manage OAuth clients, and manage their tokens - name: Cache Invalidation description: |- Sometimes a cache might contain stale data, or it may just need to be cleared because of an invalid configuration. This call will purge all keys associated with a cache on an API-by-API basis. - name: Hot Reload description: Force restart of the Gateway or whole cluster - name: Health Checking description: Check health check of the Gateway and loaded APIs - name: Organisation Quotas description: |- It is possible to force API quota and rate limit across all keys that belong to a specific organisation ID. Rate limiting at an organisation level is useful for creating tiered access levels and trial accounts. The Organisation rate limiting middleware works with both Quotas and Rate Limiters. In order to manage this functionality, a simple API has been put in place to manage these sessions. Although the Organisation session-limiter uses the same session object, all other security keys are optional as they are not used.

Managing active status

To disallow access to an entire group of keys without rate limiting the organisation, create a session object with the "is_inactive" key set to true. This will block access before any other middleware is executed. It is useful when managing subscriptions for an organisation group and access needs to be blocked because of non-payment. - name: Batch requests description: |- Tyk supports batch requests, so a client makes a single request to the API but gets a compound response object back. This is especially handy if clients have complex requests that have multiple synchronous dependencies and do not wish to have the entire request / response cycle running for each event. To enable batch request support, set the `enable_batch_request_support` value to `true` This is especially handy if clients have complex requests that have multiple synchronous dependencies and do not wish to have the entire request / response cycle running for each event. Batch requests that come into Tyk are *run through the whole Tyk machinery* and *use a relative path to prevent spamming*. This means that a batch request to Tyk for three resources with the same API key will have three requests applied to their session quota and request limiting could become active if they are being throttled. Tyk reconstructs the API request based on the data in the batch request. This is to ensure that Tyk is not being used to proxy requests to other hosts outside of the upstream API being accessed. Batch requests are created by POSTing to the `/{listen_path}/tyk/batch/` endpoint. These requests **do not require a valid key**, but their request list does.

Sample Request

```{json} { "requests": [ { "method": "GET", "headers": { "x-tyk-test": "1", "x-tyk-version": "1.2", "authorization": "1dbc83b9c431649d7698faa9797e2900f" }, "body": "", "relative_url": "get" }, { "method": "GET", "headers": { "x-tyk-test": "2", "x-tyk-version": "1.2", "authorization": "1dbc83b9c431649d7698faa9797e2900f" }, "body": "", "relative_url": "get" } ], "suppress_parallel_execution": false } ``` The response will will be a structured reply that encapsulates the responses for each of the outbound requests. If `suppress_parallel_execution` is set to `true`, requests will be made synchronously. If set to `false` then they will run in parallel and the response order is not guaranteed.

Sample Response

``` [ { "relative_url": "get", "code": 200, "headers": { "Access-Control-Allow-Credentials": [ "true" ], "Access-Control-Allow-Origin": [ "*" ], "Content-Length": [ "497" ], "Content-Type": [ "application/json" ], "Date": [ "Wed, 12 Nov 2014 15:32:43 GMT" ], "Server": [ "gunicorn/18.0" ], "Via": [ "1.1 vegur" ] }, "body": "{ "args": {}, "headers": { "Accept-Encoding": "gzip", "Authorization": "1dbc83b9c431649d7698faa9797e2900f", "Connect-Time": "2", "Connection": "close", "Host": "httpbin.org", "Total-Route-Time": "0", "User-Agent": "Go 1.1 package http", "Via": "1.1 vegur", "X-Request-Id": "6a22499a-2776-4aa1-80c0-686581a8be4d", "X-Tyk-Test": "2", "X-Tyk-Version": "1.2" }, "origin": "127.0.0.1, 62.232.114.250", "url": "http://httpbin.org/get" }" }, { "relative_url": "get", "code": 200, "headers": { "Access-Control-Allow-Credentials": [ "true" ], "Access-Control-Allow-Origin": [ "*" ], "Content-Length": [ "497" ], "Content-Type": [ "application/json" ], "Date": [ "Wed, 12 Nov 2014 15:32:43 GMT" ], "Server": [ "gunicorn/18.0" ], "Via": [ "1.1 vegur" ] }, "body": "{ "args": {}, "headers": { "Accept-Encoding": "gzip", "Authorization": "1dbc83b9c431649d7698faa9797e2900f", "Connect-Time": "7", "Connection": "close", "Host": "httpbin.org", "Total-Route-Time": "0", "User-Agent": "Go 1.1 package http", "Via": "1.1 vegur", "X-Request-Id": "1ab61f50-51ff-4828-a7e2-17240385a6d2", "X-Tyk-Test": "1", "X-Tyk-Version": "1.2" }, "origin": "127.0.0.1, 62.232.114.250", "url": "http://httpbin.org/get" }" } ] ``` With the body for each request string encoded in the `body` field. * `expire_analytics_after`: If you are running a busy API, you may want to ensure that your MongoDB database does not overflow with old data. Set the `expire_analytics_after` value to the number of seconds you would like the data to last for. Setting this flag to anything above `0` will set an `expireAt` field for each record that is written to the database. **Important:** Tyk will not create the expiry index for you. In order to implement data expiry for your analytics data, ensure that the index is created This is easily achieved using the [MongoDB command line interface](https://docs.mongodb.com/getting-started/shell/client/). * `dont_set_quota_on_create`: This setting defaults to `false`, but if set to `true`, when the API is used to edit, create or add keys, the quota cache in Redis will not be re-set. By default, all updates or creates to Keys that have Quotas set will re-set the quota (This has been the default behaviour since 1.0). This behaviour can be bypassed on a case-by-case basis by using the `suppress_reset` parameter when making a REST API request. This is the advised mode of operation as it allows for manual, granular control over key quotas and reset timings. * `cache_options`: This section enables you to configure the caching behaviour of Tyk and to enable or disable the caching middleware for your API. * `cache_options.enable_cache`: Set this value to `true` if the cache should be enabled for this endpoint, setting it to false will stop all caching behaviour. * `cache_options.cache_timeout`: The amount of time, in seconds, to keep cached objects, defaults to `60` seconds. * `cache_options.cache_all_safe_requests`: Set this to `true` if you want all *safe* requests (GET, HEAD, OPTIONS) to be cached. This is a blanket setting for APIs where caching is required but you don't want to set individual paths up in the definition. * `cache_options.enable_upstream_cache_control`: Set this to `true` if you want your application to control the cache options for Tyk (TTL and whether to cache or not). See [Caching](/docs/reduce-latency/caching/) for more details. * `response_processors`: Response processors need to be specifically defined so they are loaded on API creation, otherwise the middleware will not fire. In order to have the two main response middleware components fire, the following configuration object should be supplied. ```{json} "response_processors": [ { "name": "header_injector", "options": { "add_headers": {"name": "value"}, "remove_headers": ["name"] } }, { "name": "response_body_transform", "options": {} } ] ``` The options for the `header_injector` are global, and will apply to all outbound requests. - name: APIs description: |- **Note: Applies only to Tyk Gateway Community Edition** API Management is very simple using the Tyk REST API: each update only affects the underlying file, and this endpoint will only work with disk based installations, not Database-backed ones. APIs that are added this way are flushed to to disk into the app_path folder using the format: `{api-id}.json`. Updating existing APIs that use a different naming convention will cause those APIs to be added, which could subsequently lead to a loading error and crash if they use the same listen_path. These methods only work on a single API node. If updating a cluster, it is important to ensure that all nodes are updated before initiating a reload. paths: /tyk/apis: get: description: |- List APIs Only if used without the Tyk Dashboard tags: - APIs operationId: listApis responses: '200': description: List of API definitions content: application/json: schema: type: array items: $ref: '#/components/schemas/APIDefinition' example: - name: "TestAPI" use_keyless: true active: true proxy: listen_path: "/test" post: description: |- Create API A single Tyk node can have its API Definitions queried, deleted and updated remotely. This functionality enables you to remotely update your Tyk definitions without having to manage the files manually. tags: - APIs operationId: createApi requestBody: content: application/json: schema: $ref: "#/components/schemas/APIDefinition" example: name: "TestAPI" use_keyless: true active: true proxy: listen_path: "/test" responses: '200': description: API created content: application/json: schema: $ref: "#/components/schemas/apiModifyKeySuccess" example: status: "ok" action: "created" key: "{...API JSON definition...}" '400': description: Malformed data content: application/json: schema: $ref: "#/components/schemas/apiStatusMessage" example: status: "error" message: "Malformed API data" '/tyk/apis/{apiID}': parameters: - description: The API ID name: apiID in: path required: true schema: type: string get: description: |- Get API definition Only if used without the Tyk Dashboard tags: - APIs operationId: getApi responses: '200': description: API definition content: application/json: schema: $ref: "#/components/schemas/APIDefinition" example: name: "TestAPI" use_keyless: true active: true proxy: listen_path: "/test" put: description: | Updating an API definition uses the same signature an object as a `POST`, however it will first ensure that the API ID that is being updated is the same as the one in the object being `PUT`. Updating will completely replace the file descriptor and will not change an API Definition that has already been loaded, the hot-reload endpoint will need to be called to push the new definition to live. tags: - APIs operationId: updateApi requestBody: content: application/json: schema: $ref: "#/components/schemas/APIDefinition" example: name: "TestAPI" use_keyless: true active: true proxy: listen_path: "/test" responses: '200': description: API updated content: application/json: schema: $ref: "#/components/schemas/apiModifyKeySuccess" example: status: "ok" action: "updated" key: "{...API JSON definition...}" '400': description: Malformed data content: application/json: schema: $ref: "#/components/schemas/apiStatusMessage" example: status: "error" message: "Malformed API data" delete: description: |- Deleting an API definition will remove the file from the file store, the API definition will NOT be unloaded, a separate reload request will need to be made to disable the API endpoint. tags: - APIs operationId: deleteApi responses: '200': description: API deleted content: application/json: schema: $ref: '#/components/schemas/apiStatusMessage' example: message: API deleted status: ok '400': description: No API ID specified content: application/json: schema: $ref: '#/components/schemas/apiStatusMessage' example: message: API ID not specified status: error '/tyk/cache/{apiID}': parameters: - description: The API ID name: apiID in: path required: true schema: type: string delete: summary: Invalidate cache description: Invalidate cache for given API tags: - Cache Invalidation operationId: invalidateCache responses: '200': description: Invalidate cache content: application/json: schema: $ref: '#/components/schemas/apiStatusMessage' example: message: cache invalidated status: ok '/tyk/reload/': get: summary: Hot-reload a single node description: Tyk is capable of reloading configurations without having to stop serving requests, this means that API configurations can be added at runtime, or even modified at runtime and those rules applied immediately without any downtime. parameters: - description: Block a response, until the reload is performed. This can be useful in scripting environments like CI/CD workflows. name: block in: query required: false schema: type: boolean enum: [true] tags: - Hot Reload operationId: hotReload responses: '200': description: Reload gateway content: application/json: schema: $ref: '#/components/schemas/apiStatusMessage' example: status: ok '/tyk/reload/group': get: summary: Hot-reload a Tyk group description: To reload a whole group of Tyk nodes (without using the Dashboard or host manager), you can send an API request to a single node, this node will then send a notification through the pub/sub infrastructure to all other listening nodes (including the host manager if it is being used to manage NginX) which will then trigger a global reload. tags: - Hot Reload operationId: hotReloadGroup responses: '200': description: Reload gateway content: application/json: schema: $ref: '#/components/schemas/apiStatusMessage' example: status: ok '/tyk/hello': get: summary: Check the Health of the Gateway description: | From v2.7.5 you can now rename the `/hello` endpoint by using the `health_check_endpoint_name` option Returns 200 response in case of success tags: - Health Checking operationId: hello responses: '200': description: Success content: text/html: schema: type: string example: "Hello Tiki" '/tyk/{listenPath}/hello': parameters: - in: path name: listenPath required: true description: "Listen path of loaded API" schema: type: string get: summary: Check the Health of the API description: Should point to API domain if it has own tags: - Health Checking operationId: helloAPI responses: '200': description: Success content: text/html: schema: type: string example: "Hello Tiki" /tyk/keys: get: summary: List Keys description: You can retrieve all the keys in your Tyk instance. Returns an array of Key IDs. tags: - Keys operationId: listKeys responses: '200': description: List of all API keys content: application/json: schema: type: array items: type: string post: summary: Create a key description: |- Tyk will generate the access token based on the OrgID specified in the API Definition and a random UUID. This ensures that keys can be "owned" by different API Owners should segmentation be needed at an organisational level.

API keys without access_rights data will be written to all APIs on the system (this also means that they will be created across all SessionHandlers and StorageHandlers, it is recommended to always embed access_rights data in a key to ensure that only targeted APIs and their back-ends are written to. tags: - Keys operationId: addKey requestBody: content: application/json: schema: $ref: "#/components/schemas/SessionState" example: quota_max: 60 quota_renews: 1406121006 quota_renewal_rate: 60 allowance: 100 rate: 100 per: 5 org_id: 53ac07777cbb8c2d53000002 responses: '200': description: New Key added content: application/json: schema: $ref: '#/components/schemas/apiModifyKeySuccess' example: action: created key: '{...KEY JSON definition...}' status: ok '400': description: Malformed data content: application/json: schema: $ref: '#/components/schemas/apiStatusMessage' example: message: Malformed Key data status: error '/tyk/keys/{keyID}': parameters: - description: The Key ID name: keyID in: path required: true schema: type: string get: summary: Get a Key description: Get session info about the specified key. Should return up to date rate limit and quota usage numbers. tags: - Keys operationId: getKey responses: '200': description: Key object content: application/json: schema: $ref: '#/components/schemas/SessionState' example: quota_max: 60 quota_renews: 1406121006 quota_renewal_rate: 60 allowance: 100 rate: 100 per: 5 org_id: 53ac07777cbb8c2d53000002 put: summary: Update Key or Add custom Key description: |- You can also manually add keys to Tyk using your own key-generation algorithm. It is recommended if using this approach to ensure that the OrgID being used in the API Definition and the key data is blank so that Tyk does not try to prepend or manage the key in any way. tags: - Keys operationId: updateKey requestBody: content: application/json: schema: $ref: "#/components/schemas/SessionState" example: quota_max: 60 quota_renews: 1406121006 quota_renewal_rate: 60 allowance: 100 rate: 100 per: 5 org_id: 53ac07777cbb8c2d53000002 parameters: - description: |- Adding the suppress_reset parameter and setting it to 1, will cause Tyk not to reset the quota limit that is in the current live quota manager. By default Tyk will reset the quota in the live quota manager (initialising it) when adding a key. Adding the `suppress_reset` flag to the URL parameters will avoid this behaviour. name: suppress_reset in: query required: false schema: type: string enum: ["1"] responses: '200': description: Key updated content: application/json: schema: $ref: '#/components/schemas/apiModifyKeySuccess' example: action: updated status: ok '400': description: No or incorrect Key ID specified content: application/json: schema: $ref: '#/components/schemas/apiStatusMessage' example: message: Key ID not specified status: error delete: summary: Delete Key description: Deleting a key will remove it permanently from the system, however analytics relating to that key will still be available. tags: - Keys operationId: deleteKey responses: '200': description: Key deleted content: application/json: schema: $ref: '#/components/schemas/apiStatusMessage' example: action: Key deleted status: ok /tyk/oauth/clients/create: post: summary: Create new OAuth client description: Any OAuth keys must be generated with the help of a client ID. These need to be pre-registered with Tyk before they can be used (in a similar vein to how you would register your app with Twitter before attempting to ask user permissions using their API).

Creating OAuth clients with Access to Multiple APIs

New from Tyk Gateway 2.6.0 is the ability to create OAuth clients with access to more than one API. If you provide the api_id it works the same as in previous releases. If you don¿ït provide the api_id the request uses policy access rights and enumerates APIs from their setting in the newly created OAuth-client. tags: - OAuth operationId: createOAuthClient requestBody: content: application/json: schema: $ref: "#/components/schemas/NewClientRequest" example: client_id: test api_id: id policy_id: policy responses: '200': description: Client created content: application/json: schema: $ref: '#/components/schemas/NewClientRequest' example: client_id: test api_id: id policy_id: policy '/tyk/oauth/clients/{apiID}': get: summary: List oAuth clients description: OAuth Clients are organised by API ID, and therefore are queried as such. tags: - OAuth operationId: listOAuthClients parameters: - description: The API ID name: apiID in: path required: true schema: type: string responses: '200': description: Get OAuth client details or a list of OAuth clients content: application/json: schema: type: array items: $ref: '#/components/schemas/NewClientRequest' '/tyk/oauth/clients/{apiID}/{keyName}': get: summary: Get OAuth client tags: - OAuth operationId: getOAuthClient parameters: - description: The API ID name: apiID in: path required: true schema: type: string minimum: 1 - description: The Client ID name: keyName in: path required: true schema: type: string responses: '200': description: Get OAuth client details or a list of OAuth clients content: application/json: schema: $ref: '#/components/schemas/NewClientRequest' example: client_id: test api_id: id policy_id: policy delete: summary: Delete OAuth client description: Please note that tokens issued with the client ID will still be valid until they expire. tags: - OAuth operationId: deleteOAuthClient parameters: - description: The API ID name: apiID in: path required: true schema: type: string minimum: 1 - description: The Client ID name: keyName in: path required: true schema: type: string responses: '200': description: OAuth client deleted content: application/json: schema: $ref: '#/components/schemas/apiModifyKeySuccess' example: action: deleted status: ok '/tyk/oauth/clients/{apiID}/{keyName}/tokens': get: summary: List tokens description: This endpoint allows you to retrieve a list of all current tokens and their expiry date for a provided API ID and OAuth-client ID in the following format. This endpoint will work only for newly created tokens.

You can control how long you want to store expired tokens in this list using `oauth_token_expired_retain_period` gateway option, which specifies retain period for expired tokens stored in Redis. By default expired token not get removed. See here for more details. tags: - OAuth operationId: getOAuthClientTokens parameters: - description: The API ID name: apiID in: path required: true schema: type: string minimum: 1 - description: The Client ID name: keyName in: path required: true schema: type: string responses: '200': description: Get a list of tokens content: application/json: schema: type: array items: type: string example: - "tok1" - "tok2" '/tyk/oauth/refresh/{keyName}': delete: summary: Invalidate OAuth refresh token description: It is possible to invalidate refresh tokens in order to manage OAuth client access more robustly. tags: - OAuth operationId: invalidateOAuthRefresh parameters: - description: The API id name: api_id in: query required: true schema: type: string - description: Refresh token name: keyName in: path required: true schema: type: string responses: '200': description: Deleted content: application/json: schema: $ref: '#/components/schemas/apiModifyKeySuccess' '/tyk/oauth/authorize-client/': post: description: With the OAuth flow you will need to create authorisation or access tokens for your clients, in order to do this, Tyk provides a private API endpoint for your application to generate these codes and redirect the end-user back to the API Client. summary: Authorize client requestBody: required: true content: application/x-www-form-urlencoded: schema: type: object properties: response_type: description: Should be provided by requesting client as part of authorisation request, this should be either `code` or `token` depending on the methods you have specified for the API. type: string client_id: description: Should be provided by requesting client as part of authorisation request. The Client ID that is making the request. type: string redirect_uri: description: Should be provided by requesting client as part of authorisation request. Must match with the record stored with Tyk. type: string key_rules: description: A string representation of a Session Object (form-encoded). This should be provided by your application in order to apply any quotas or rules to the key. type: string example: response_type: code client_id: 21e2baf424674f6461faca6d45285bbb redirect_uri: http%3A%2F%2Foauth.com%2Fredirect key_rules: '%7B+++++%22allowance%22%3A+999%2C+++++%22rate%22%3A+1000%2C+++++%22per%22%3A+60%2C+++++%22expires%22%3A+0%2C+++++%22quota_max%22%3A+-1%2C+++++%22quota_renews%22%3A+1406121006%2C+++++%22quota_remaining%22%3A+0%2C+++++%22quota_renewal_rate%22%3A+60%2C+++++%22access_rights%22%3A+%7B+++++++++%22528a67c1ac9940964f9a41ae79235fcc%22%3A+%7B+++++++++++++%22api_name%22%3A+%22OAuth+Test+API%22%2C+++++++++++++%22api_id%22%3A+%22528a67c1ac9940964f9a41ae79235fcc%22%2C+++++++++++++%22versions%22%3A+%5B+++++++++++++++++%22Default%22+++++++++++++%5D+++++++++%7D+++++%7D%2C+++++%22org_id%22%3A+%2253ac07777cbb8c2d53000002%22+%7D' tags: - OAuth operationId: authorizeClient responses: '200': description: Succesful response content: application/json: schema: type: object example: code: MWY0ZDRkMzktOTYwNi00NDRiLTk2YmQtOWQxOGQ3Mjc5Yzdk redirect_to: 'http://client-app.com/oauth-redirect/?code=MWY0ZDRkMzktOTYwNi00NDRiLTk2YmQtOWQxOGQ3Mjc5Yzdk' /tyk/org/keys: get: summary: List Organisation Keys description: |- You can now set rate limits at the organisation level by using the following fields - allowance and rate. These are the number of allowed requests for the specified per value, and need to be set to the same value. If you don¿ït want to have organisation level rate limiting, set ¿írate¿ì or ¿íper¿ì to zero, or don¿ït add them to your request. tags: - Organisation Quotas operationId: listOrgKeys responses: '200': description: List of all API keys content: application/json: schema: type: object properties: keys: type: array items: type: string example: keys: - "key1" - "key2" post: summary: Create an organisation key description: |- This work similar to Keys API except that Key ID is always equals Organisation ID tags: - Organisation Quotas operationId: addOrgKey requestBody: content: application/json: schema: $ref: "#/components/schemas/SessionState" example: quota_max: 60 quota_renews: 1406121006 quota_renewal_rate: 60 allowance: 100 rate: 100 per: 5 org_id: 53ac07777cbb8c2d53000002 responses: '200': description: New Key added content: application/json: schema: $ref: '#/components/schemas/apiModifyKeySuccess' example: action: created key: '{...KEY JSON definition...}' status: ok '/tyk/orgs/keys/{keyID}': parameters: - description: The Key ID name: keyID in: path required: true schema: type: string get: summary: Get an Organisation Key description: Get session info about specified orgnanisation key. Should return up to date rate limit and quota usage numbers. tags: - Organisation Quotas operationId: getOrgKey responses: '200': description: Key object content: application/json: schema: $ref: '#/components/schemas/SessionState' put: summary: Update Organisation Key description: |- This work similar to Keys API except that Key ID is always equals Organisation ID For Gateway v2.6.0 onwards, you can now set rate limits at the organisation level by using the following fields - allowance and rate. These are the number of allowed requests for the specified per value, and need to be set to the same value. If you don¿ït want to have organisation level rate limiting, set `rate` or `per` to zero, or don¿ït add them to your request. tags: - Organisation Quotas operationId: updateOrgKey requestBody: content: application/json: schema: $ref: "#/components/schemas/SessionState" example: quota_max: 60 quota_renews: 1406121006 quota_renewal_rate: 60 allowance: 100 rate: 100 per: 5 org_id: 53ac07777cbb8c2d53000002 parameters: - description: |- Adding the `reset_quota` parameter and setting it to 1, will cause Tyk reset the organisations quota in the live quota manager, it is recommended to use this mechanism to reset organisation-level access if a monthly subscription is in place. name: reset_quota in: query required: false schema: type: string enum: ["1"] responses: '200': description: Key updated content: application/json: schema: $ref: '#/components/schemas/apiModifyKeySuccess' example: action: updated status: ok delete: summary: Delete Organisation Key description: Deleting a key will remove all limits from organisation. It does not affects regualar keys created within organisation. tags: - Organisation Quotas operationId: deleteOrgKey responses: '200': description: Key deleted content: application/json: schema: $ref: '#/components/schemas/apiStatusMessage' example: action: Key deleted status: ok /{listen_path}/tyk/batch: parameters: - name: listen_path in: path required: true description: "API listen path" schema: type: string post: summary: Run batch request tags: - Batch requests operationId: batch responses: '200': $ref: '#/components/schemas/apiStatusMessage' components: responses: parameterBodies: content: application/json: schema: $ref: '#/components/schemas/OAuthClientToken' description: parameterBodies schemas: APIDefinition: properties: tags: items: type: string type: array x-go-name: Tags CORS: properties: allow_credentials: type: boolean x-go-name: AllowCredentials allowed_headers: items: type: string type: array x-go-name: AllowedHeaders allowed_methods: items: type: string type: array x-go-name: AllowedMethods allowed_origins: items: type: string type: array x-go-name: AllowedOrigins debug: type: boolean x-go-name: Debug enable: type: boolean x-go-name: Enable exposed_headers: items: type: string type: array x-go-name: ExposedHeaders max_age: format: int64 type: integer x-go-name: MaxAge options_passthrough: type: boolean x-go-name: OptionsPassthrough type: object active: type: boolean x-go-name: Active allowed_ips: items: type: string type: array x-go-name: AllowedIPs api_id: type: string x-go-name: APIID auth: $ref: '#/components/schemas/Auth' auth_provider: $ref: '#/components/schemas/AuthProviderMeta' base_identity_provided_by: $ref: '#/components/schemas/AuthTypeEnum' basic_auth: properties: body_password_regexp: type: string x-go-name: BodyPasswordRegexp body_user_regexp: type: string x-go-name: BodyUserRegexp cache_ttl: format: int64 type: integer x-go-name: CacheTTL disable_caching: type: boolean x-go-name: DisableCaching extract_from_body: type: boolean x-go-name: ExtractFromBody type: object x-go-name: BasicAuth blacklisted_ips: items: type: string type: array x-go-name: BlacklistedIPs cache_options: $ref: '#/components/schemas/CacheOptions' certificates: items: type: string type: array x-go-name: Certificates client_certificates: items: type: string type: array x-go-name: ClientCertificates config_data: additionalProperties: type: object type: object x-go-name: ConfigData custom_middleware: $ref: '#/components/schemas/MiddlewareSection' custom_middleware_bundle: type: string x-go-name: CustomMiddlewareBundle definition: properties: key: type: string x-go-name: Key location: type: string x-go-name: Location strip_path: type: boolean x-go-name: StripPath type: object x-go-name: VersionDefinition disable_quota: type: boolean x-go-name: DisableQuota disable_rate_limit: type: boolean x-go-name: DisableRateLimit do_not_track: type: boolean x-go-name: DoNotTrack domain: type: string x-go-name: Domain dont_set_quota_on_create: type: boolean x-go-name: DontSetQuotasOnCreate enable_batch_request_support: type: boolean x-go-name: EnableBatchRequestSupport enable_context_vars: type: boolean x-go-name: EnableContextVars enable_coprocess_auth: type: boolean x-go-name: EnableCoProcessAuth enable_ip_blacklisting: type: boolean x-go-name: EnableIpBlacklisting enable_ip_whitelisting: type: boolean x-go-name: EnableIpWhiteListing enable_jwt: type: boolean x-go-name: EnableJWT enable_signature_checking: type: boolean x-go-name: EnableSignatureChecking event_handlers: $ref: '#/components/schemas/EventHandlerMetaConfig' expire_analytics_after: format: int64 type: integer x-go-name: ExpireAnalyticsAfter global_rate_limit: $ref: '#/components/schemas/GlobalRateLimit' hmac_allowed_algorithms: items: type: string type: array x-go-name: HmacAllowedAlgorithms hmac_allowed_clock_skew: format: double type: number x-go-name: HmacAllowedClockSkew id: $ref: '#/components/schemas/ObjectId' internal: type: boolean x-go-name: Internal jwt_client_base_field: type: string x-go-name: JWTClientIDBaseField jwt_expires_at_validation_skew: format: uint64 type: integer x-go-name: JWTExpiresAtValidationSkew jwt_identity_base_field: type: string x-go-name: JWTIdentityBaseField jwt_issued_at_validation_skew: format: uint64 type: integer x-go-name: JWTIssuedAtValidationSkew jwt_not_before_validation_skew: format: uint64 type: integer x-go-name: JWTNotBeforeValidationSkew jwt_policy_field_name: type: string x-go-name: JWTPolicyFieldName jwt_scope_claim_name: type: string x-go-name: JWTScopeClaimName jwt_scope_to_policy_mapping: additionalProperties: type: string type: object x-go-name: JWTScopeToPolicyMapping jwt_signing_method: type: string x-go-name: JWTSigningMethod jwt_skip_kid: type: boolean x-go-name: JWTSkipKid jwt_source: type: string x-go-name: JWTSource name: type: string x-go-name: Name notifications: $ref: '#/components/schemas/NotificationsManager' oauth_meta: properties: allowed_access_types: items: $ref: '#/components/schemas/AccessRequestType' type: array x-go-name: AllowedAccessTypes allowed_authorize_types: items: $ref: '#/components/schemas/AuthorizeRequestType' type: array x-go-name: AllowedAuthorizeTypes auth_login_redirect: type: string x-go-name: AuthorizeLoginRedirect type: object x-go-name: Oauth2Meta openid_options: $ref: '#/components/schemas/OpenIDOptions' org_id: type: string x-go-name: OrgID pinned_public_keys: additionalProperties: type: string type: object x-go-name: PinnedPublicKeys proxy: properties: check_host_against_uptime_tests: type: boolean x-go-name: CheckHostAgainstUptimeTests disable_strip_slash: type: boolean x-go-name: DisableStripSlash enable_load_balancing: type: boolean x-go-name: EnableLoadBalancing listen_path: type: string x-go-name: ListenPath preserve_host_header: type: boolean x-go-name: PreserveHostHeader service_discovery: $ref: '#/components/schemas/ServiceDiscoveryConfiguration' strip_listen_path: type: boolean x-go-name: StripListenPath target_list: items: type: string type: array x-go-name: Targets target_url: type: string x-go-name: TargetURL transport: properties: proxy_url: type: string x-go-name: ProxyURL ssl_ciphers: items: type: string type: array x-go-name: SSLCipherSuites ssl_insecure_skip_verify: type: boolean x-go-name: SSLInsecureSkipVerify ssl_min_version: format: uint16 type: integer x-go-name: SSLMinVersion type: object x-go-name: Transport type: object x-go-name: Proxy response_processors: items: $ref: '#/components/schemas/ResponseProcessor' type: array x-go-name: ResponseProcessors session_lifetime: format: int64 type: integer x-go-name: SessionLifetime session_provider: $ref: '#/components/schemas/SessionProviderMeta' slug: type: string x-go-name: Slug strip_auth_data: type: boolean x-go-name: StripAuthData tag_headers: items: type: string type: array x-go-name: TagHeaders upstream_certificates: additionalProperties: type: string type: object x-go-name: UpstreamCertificates uptime_tests: properties: check_list: items: $ref: '#/components/schemas/HostCheckObject' type: array x-go-name: CheckList config: properties: expire_utime_after: format: int64 type: integer x-go-name: ExpireUptimeAnalyticsAfter recheck_wait: format: int64 type: integer x-go-name: RecheckWait service_discovery: $ref: '#/components/schemas/ServiceDiscoveryConfiguration' type: object x-go-name: Config type: object x-go-name: UptimeTests use_basic_auth: type: boolean x-go-name: UseBasicAuth use_keyless: type: boolean x-go-name: UseKeylessAccess use_mutual_tls_auth: type: boolean x-go-name: UseMutualTLSAuth use_oauth2: type: boolean x-go-name: UseOauth2 use_openid: type: boolean x-go-name: UseOpenID use_standard_auth: type: boolean x-go-name: UseStandardAuth version_data: properties: default_version: type: string x-go-name: DefaultVersion not_versioned: type: boolean x-go-name: NotVersioned versions: additionalProperties: $ref: '#/components/schemas/VersionInfo' type: object x-go-name: Versions type: object x-go-name: VersionData title: >- APIDefinition represents the configuration for a single proxied API and it's versions. type: object x-go-package: github.com/TykTechnologies/tyk/apidef APILimit: description: APILimit stores quota and rate limit on ACL level (per API) properties: per: format: double type: number x-go-name: Per quota_max: format: int64 type: integer x-go-name: QuotaMax quota_remaining: format: int64 type: integer x-go-name: QuotaRemaining quota_renewal_rate: format: int64 type: integer x-go-name: QuotaRenewalRate quota_renews: format: int64 type: integer x-go-name: QuotaRenews rate: format: double type: number x-go-name: Rate set_by_policy: type: boolean x-go-name: SetByPolicy throttle_interval: format: double type: number x-go-name: ThrottleInterval throttle_retry_limit: format: int64 type: integer x-go-name: ThrottleRetryLimit type: object x-go-package: github.com/TykTechnologies/tyk/user AccessDefinition: description: AccessDefinition defines which versions of an API a key has access to properties: allowed_urls: items: $ref: '#/components/schemas/AccessSpec' type: array x-go-name: AllowedURLs api_id: type: string x-go-name: APIID api_name: type: string x-go-name: APIName limit: $ref: '#/components/schemas/APILimit' versions: items: type: string type: array x-go-name: Versions type: object x-go-package: github.com/TykTechnologies/tyk/user AccessRequestType: description: AccessRequestType is the type for OAuth param `grant_type` type: string x-go-package: github.com/TykTechnologies/tyk/vendor/github.com/lonelycode/osin AccessSpec: description: >- AccessSpecs define what URLS a user has access to an what methods are enabled properties: methods: items: type: string type: array x-go-name: Methods url: type: string x-go-name: URL type: object x-go-package: github.com/TykTechnologies/tyk/user Auth: properties: auth_header_name: type: string x-go-name: AuthHeaderName cookie_name: type: string x-go-name: CookieName param_name: type: string x-go-name: ParamName signature: $ref: '#/components/schemas/SignatureConfig' use_certificate: type: boolean x-go-name: UseCertificate use_cookie: type: boolean x-go-name: UseCookie use_param: type: boolean x-go-name: UseParam validate_signature: type: boolean x-go-name: ValidateSignature type: object x-go-package: github.com/TykTechnologies/tyk/apidef AuthProviderCode: type: string x-go-package: github.com/TykTechnologies/tyk/apidef AuthProviderMeta: properties: meta: additionalProperties: type: object type: object x-go-name: Meta name: $ref: '#/components/schemas/AuthProviderCode' storage_engine: $ref: '#/components/schemas/StorageEngineCode' type: object x-go-package: github.com/TykTechnologies/tyk/apidef AuthTypeEnum: type: string x-go-package: github.com/TykTechnologies/tyk/apidef AuthorizeRequestType: description: AuthorizeRequestType is the type for OAuth param `response_type` type: string x-go-package: github.com/TykTechnologies/tyk/vendor/github.com/lonelycode/osin CacheMeta: properties: cache_key_regex: type: string x-go-name: CacheKeyRegex method: type: string x-go-name: Method path: type: string x-go-name: Path type: object x-go-package: github.com/TykTechnologies/tyk/apidef CacheOptions: properties: cache_all_safe_requests: type: boolean x-go-name: CacheAllSafeRequests cache_control_ttl_header: type: string x-go-name: CacheControlTTLHeader cache_response_codes: items: format: int64 type: integer type: array x-go-name: CacheOnlyResponseCodes cache_timeout: format: int64 type: integer x-go-name: CacheTimeout enable_cache: type: boolean x-go-name: EnableCache enable_upstream_cache_control: type: boolean x-go-name: EnableUpstreamCacheControl type: object x-go-package: github.com/TykTechnologies/tyk/apidef CircuitBreakerMeta: properties: method: type: string x-go-name: Method path: type: string x-go-name: Path return_to_service_after: format: int64 type: integer x-go-name: ReturnToServiceAfter samples: format: int64 type: integer x-go-name: Samples threshold_percent: format: double type: number x-go-name: ThresholdPercent type: object x-go-package: github.com/TykTechnologies/tyk/apidef EndPointMeta: properties: method_actions: additionalProperties: $ref: '#/components/schemas/EndpointMethodMeta' type: object x-go-name: MethodActions path: type: string x-go-name: Path type: object x-go-package: github.com/TykTechnologies/tyk/apidef EndpointMethodAction: type: string x-go-package: github.com/TykTechnologies/tyk/apidef EndpointMethodMeta: properties: action: $ref: '#/components/schemas/EndpointMethodAction' code: format: int64 type: integer x-go-name: Code data: type: string x-go-name: Data headers: additionalProperties: type: string type: object x-go-name: Headers type: object x-go-package: github.com/TykTechnologies/tyk/apidef EventHandlerMetaConfig: properties: events: x-go-name: Events type: object x-go-package: github.com/TykTechnologies/tyk/apidef ExtendedPathsSet: properties: advance_cache_config: items: $ref: '#/components/schemas/CacheMeta' type: array x-go-name: AdvanceCacheConfig black_list: items: $ref: '#/components/schemas/EndPointMeta' type: array x-go-name: BlackList cache: items: type: string type: array x-go-name: Cached circuit_breakers: items: $ref: '#/components/schemas/CircuitBreakerMeta' type: array x-go-name: CircuitBreaker do_not_track_endpoints: items: $ref: '#/components/schemas/TrackEndpointMeta' type: array x-go-name: DoNotTrackEndpoints hard_timeouts: items: $ref: '#/components/schemas/HardTimeoutMeta' type: array x-go-name: HardTimeouts ignored: items: $ref: '#/components/schemas/EndPointMeta' type: array x-go-name: Ignored internal: items: $ref: '#/components/schemas/InternalMeta' type: array x-go-name: Internal method_transforms: items: $ref: '#/components/schemas/MethodTransformMeta' type: array x-go-name: MethodTransforms size_limits: items: $ref: '#/components/schemas/RequestSizeMeta' type: array x-go-name: SizeLimit track_endpoints: items: $ref: '#/components/schemas/TrackEndpointMeta' type: array x-go-name: TrackEndpoints transform: items: $ref: '#/components/schemas/TemplateMeta' type: array x-go-name: Transform transform_headers: items: $ref: '#/components/schemas/HeaderInjectionMeta' type: array x-go-name: TransformHeader transform_jq: items: $ref: '#/components/schemas/TransformJQMeta' type: array x-go-name: TransformJQ transform_jq_response: items: $ref: '#/components/schemas/TransformJQMeta' type: array x-go-name: TransformJQResponse transform_response: items: $ref: '#/components/schemas/TemplateMeta' type: array x-go-name: TransformResponse transform_response_headers: items: $ref: '#/components/schemas/HeaderInjectionMeta' type: array x-go-name: TransformResponseHeader url_rewrites: items: $ref: '#/components/schemas/URLRewriteMeta' type: array x-go-name: URLRewrite validate_json: items: $ref: '#/components/schemas/ValidatePathMeta' type: array x-go-name: ValidateJSON virtual: items: $ref: '#/components/schemas/VirtualMeta' type: array x-go-name: Virtual white_list: items: $ref: '#/components/schemas/EndPointMeta' type: array x-go-name: WhiteList type: object x-go-package: github.com/TykTechnologies/tyk/apidef GlobalRateLimit: properties: per: format: double type: number x-go-name: Per rate: format: double type: number x-go-name: Rate type: object x-go-package: github.com/TykTechnologies/tyk/apidef HardTimeoutMeta: properties: method: type: string x-go-name: Method path: type: string x-go-name: Path timeout: format: int64 type: integer x-go-name: TimeOut type: object x-go-package: github.com/TykTechnologies/tyk/apidef HashType: type: string x-go-package: github.com/TykTechnologies/tyk/user HeaderInjectionMeta: properties: act_on: type: boolean x-go-name: ActOnResponse add_headers: additionalProperties: type: string type: object x-go-name: AddHeaders delete_headers: items: type: string type: array x-go-name: DeleteHeaders method: type: string x-go-name: Method path: type: string x-go-name: Path type: object x-go-package: github.com/TykTechnologies/tyk/apidef HostCheckObject: properties: body: type: string x-go-name: Body headers: additionalProperties: type: string type: object x-go-name: Headers method: type: string x-go-name: Method url: type: string x-go-name: CheckURL type: object x-go-package: github.com/TykTechnologies/tyk/apidef IdExtractorSource: type: string x-go-package: github.com/TykTechnologies/tyk/apidef IdExtractorType: type: string x-go-package: github.com/TykTechnologies/tyk/apidef InternalMeta: properties: method: type: string x-go-name: Method path: type: string x-go-name: Path type: object x-go-package: github.com/TykTechnologies/tyk/apidef MethodTransformMeta: properties: method: type: string x-go-name: Method path: type: string x-go-name: Path to_method: type: string x-go-name: ToMethod type: object x-go-package: github.com/TykTechnologies/tyk/apidef MiddlewareDefinition: properties: name: type: string x-go-name: Name path: type: string x-go-name: Path require_session: type: boolean x-go-name: RequireSession type: object x-go-package: github.com/TykTechnologies/tyk/apidef MiddlewareDriver: type: string x-go-package: github.com/TykTechnologies/tyk/apidef MiddlewareIdExtractor: properties: extract_from: $ref: '#/components/schemas/IdExtractorSource' extract_with: $ref: '#/components/schemas/IdExtractorType' extractor_config: additionalProperties: type: object type: object x-go-name: ExtractorConfig type: object x-go-package: github.com/TykTechnologies/tyk/apidef MiddlewareSection: properties: auth_check: $ref: '#/components/schemas/MiddlewareDefinition' driver: $ref: '#/components/schemas/MiddlewareDriver' id_extractor: $ref: '#/components/schemas/MiddlewareIdExtractor' post: items: $ref: '#/components/schemas/MiddlewareDefinition' type: array x-go-name: Post post_key_auth: items: $ref: '#/components/schemas/MiddlewareDefinition' type: array x-go-name: PostKeyAuth pre: items: $ref: '#/components/schemas/MiddlewareDefinition' type: array x-go-name: Pre response: items: $ref: '#/components/schemas/MiddlewareDefinition' type: array x-go-name: Response type: object x-go-package: github.com/TykTechnologies/tyk/apidef NewClientRequest: description: >- NewClientRequest is an outward facing JSON object translated from osin OAuthClients properties: api_id: type: string x-go-name: APIID client_id: type: string x-go-name: ClientID description: type: string x-go-name: Description meta_data: type: object x-go-name: MetaData policy_id: type: string x-go-name: PolicyID redirect_uri: type: string x-go-name: ClientRedirectURI secret: type: string x-go-name: ClientSecret type: object x-go-package: github.com/TykTechnologies/tyk NotificationsManager: description: 'TODO: Make this more generic' properties: oauth_on_keychange_url: type: string x-go-name: OAuthKeyChangeURL shared_secret: type: string x-go-name: SharedSecret title: >- NotificationsManager handles sending notifications to OAuth endpoints to notify the provider of key changes. type: object x-go-package: github.com/TykTechnologies/tyk/apidef OAuthClientToken: properties: code: type: string x-go-name: Token expires: format: int64 type: integer x-go-name: Expires type: object x-go-package: github.com/TykTechnologies/tyk OIDProviderConfig: properties: client_ids: additionalProperties: type: string type: object x-go-name: ClientIDs issuer: type: string x-go-name: Issuer type: object x-go-package: github.com/TykTechnologies/tyk/apidef ObjectId: description: 'http://www.mongodb.org/display/DOCS/Object+IDs' title: >- ObjectId is a unique ID identifying a BSON value. It must be exactly 12 bytes long. MongoDB objects by default have such a property set in their "_id" property. type: string x-go-package: github.com/TykTechnologies/tyk/vendor/gopkg.in/mgo.v2/bson OpenIDOptions: properties: providers: items: $ref: '#/components/schemas/OIDProviderConfig' type: array x-go-name: Providers segregate_by_client: type: boolean x-go-name: SegregateByClient type: object x-go-package: github.com/TykTechnologies/tyk/apidef Regexp: description: Regexp is a wrapper around regexp.Regexp but with caching properties: FromCache: type: boolean type: object x-go-package: github.com/TykTechnologies/tyk/regexp RequestInputType: type: string x-go-package: github.com/TykTechnologies/tyk/apidef RequestSizeMeta: properties: method: type: string x-go-name: Method path: type: string x-go-name: Path size_limit: format: int64 type: integer x-go-name: SizeLimit type: object x-go-package: github.com/TykTechnologies/tyk/apidef ResponseProcessor: properties: name: type: string x-go-name: Name options: type: object x-go-name: Options type: object x-go-package: github.com/TykTechnologies/tyk/apidef RoutingTrigger: properties: 'on': $ref: '#/components/schemas/RoutingTriggerOnType' options: $ref: '#/components/schemas/RoutingTriggerOptions' rewrite_to: type: string x-go-name: RewriteTo type: object x-go-package: github.com/TykTechnologies/tyk/apidef RoutingTriggerOnType: type: string x-go-package: github.com/TykTechnologies/tyk/apidef RoutingTriggerOptions: properties: header_matches: additionalProperties: $ref: '#/components/schemas/StringRegexMap' type: object x-go-name: HeaderMatches path_part_matches: additionalProperties: $ref: '#/components/schemas/StringRegexMap' type: object x-go-name: PathPartMatches payload_matches: $ref: '#/components/schemas/StringRegexMap' query_val_matches: additionalProperties: $ref: '#/components/schemas/StringRegexMap' type: object x-go-name: QueryValMatches request_context_matches: additionalProperties: $ref: '#/components/schemas/StringRegexMap' type: object x-go-name: RequestContextMatches session_meta_matches: additionalProperties: $ref: '#/components/schemas/StringRegexMap' type: object x-go-name: SessionMetaMatches type: object x-go-package: github.com/TykTechnologies/tyk/apidef ServiceDiscoveryConfiguration: properties: cache_timeout: format: int64 type: integer x-go-name: CacheTimeout data_path: type: string x-go-name: DataPath endpoint_returns_list: type: boolean x-go-name: EndpointReturnsList parent_data_path: type: string x-go-name: ParentDataPath port_data_path: type: string x-go-name: PortDataPath query_endpoint: type: string x-go-name: QueryEndpoint target_path: type: string x-go-name: TargetPath use_discovery_service: type: boolean x-go-name: UseDiscoveryService use_nested_query: type: boolean x-go-name: UseNestedQuery use_target_list: type: boolean x-go-name: UseTargetList type: object x-go-package: github.com/TykTechnologies/tyk/apidef SessionProviderCode: type: string x-go-package: github.com/TykTechnologies/tyk/apidef SessionProviderMeta: properties: meta: additionalProperties: type: object type: object x-go-name: Meta name: $ref: '#/components/schemas/SessionProviderCode' storage_engine: $ref: '#/components/schemas/StorageEngineCode' type: object x-go-package: github.com/TykTechnologies/tyk/apidef SessionState: description: >- There's a data structure that's based on this and it's used for Protocol Buffer support, make sure to update "coprocess/proto/coprocess_session_state.proto" and generate the bindings using: cd coprocess/proto && ./update_bindings.sh properties: tags: items: type: string type: array x-go-name: Tags access_rights: additionalProperties: $ref: '#/components/schemas/AccessDefinition' type: object x-go-name: AccessRights alias: type: string x-go-name: Alias allowance: format: double type: number x-go-name: Allowance apply_policies: items: type: string type: array x-go-name: ApplyPolicies apply_policy_id: type: string x-go-name: ApplyPolicyID basic_auth_data: properties: hash_type: $ref: '#/components/schemas/HashType' password: type: string x-go-name: Password type: object x-go-name: BasicAuthData certificate: type: string x-go-name: Certificate data_expires: format: int64 type: integer x-go-name: DataExpires enable_detail_recording: type: boolean x-go-name: EnableDetailedRecording expires: format: int64 type: integer x-go-name: Expires hmac_enabled: type: boolean x-go-name: HMACEnabled hmac_string: type: string x-go-name: HmacSecret id_extractor_deadline: format: int64 type: integer x-go-name: IdExtractorDeadline is_inactive: type: boolean x-go-name: IsInactive jwt_data: properties: secret: type: string x-go-name: Secret type: object x-go-name: JWTData last_check: format: int64 type: integer x-go-name: LastCheck last_updated: type: string x-go-name: LastUpdated meta_data: additionalProperties: type: object type: object x-go-name: MetaData monitor: properties: trigger_limits: items: format: double type: number type: array x-go-name: TriggerLimits type: object x-go-name: Monitor oauth_client_id: type: string x-go-name: OauthClientID oauth_keys: additionalProperties: type: string type: object x-go-name: OauthKeys org_id: type: string x-go-name: OrgID per: format: double type: number x-go-name: Per quota_max: format: int64 type: integer x-go-name: QuotaMax quota_remaining: format: int64 type: integer x-go-name: QuotaRemaining quota_renewal_rate: format: int64 type: integer x-go-name: QuotaRenewalRate quota_renews: format: int64 type: integer x-go-name: QuotaRenews rate: format: double type: number x-go-name: Rate session_lifetime: format: int64 type: integer x-go-name: SessionLifetime throttle_interval: format: double type: number x-go-name: ThrottleInterval throttle_retry_limit: format: int64 type: integer x-go-name: ThrottleRetryLimit title: >- SessionState objects represent a current API session, mainly used for rate limiting. type: object x-go-package: github.com/TykTechnologies/tyk/user SignatureConfig: properties: algorithm: type: string x-go-name: Algorithm allowed_clock_skew: format: int64 type: integer x-go-name: AllowedClockSkew error_code: format: int64 type: integer x-go-name: ErrorCode error_message: type: string x-go-name: ErrorMessage header: type: string x-go-name: Header secret: type: string x-go-name: Secret type: object x-go-package: github.com/TykTechnologies/tyk/apidef StorageEngineCode: type: string x-go-package: github.com/TykTechnologies/tyk/apidef StringRegexMap: properties: match_rx: type: string x-go-name: MatchPattern reverse: type: boolean x-go-name: Reverse type: object x-go-package: github.com/TykTechnologies/tyk/apidef TemplateData: properties: enable_session: type: boolean x-go-name: EnableSession input_type: $ref: '#/components/schemas/RequestInputType' template_mode: $ref: '#/components/schemas/TemplateMode' template_source: type: string x-go-name: TemplateSource type: object x-go-package: github.com/TykTechnologies/tyk/apidef TemplateMeta: properties: method: type: string x-go-name: Method path: type: string x-go-name: Path template_data: $ref: '#/components/schemas/TemplateData' type: object x-go-package: github.com/TykTechnologies/tyk/apidef TemplateMode: type: string x-go-package: github.com/TykTechnologies/tyk/apidef TrackEndpointMeta: properties: method: type: string x-go-name: Method path: type: string x-go-name: Path type: object x-go-package: github.com/TykTechnologies/tyk/apidef TransformJQMeta: properties: filter: type: string x-go-name: Filter method: type: string x-go-name: Method path: type: string x-go-name: Path type: object x-go-package: github.com/TykTechnologies/tyk/apidef URLRewriteMeta: properties: MatchRegexp: $ref: '#/components/schemas/Regexp' match_pattern: type: string x-go-name: MatchPattern method: type: string x-go-name: Method path: type: string x-go-name: Path rewrite_to: type: string x-go-name: RewriteTo triggers: items: $ref: '#/components/schemas/RoutingTrigger' type: array x-go-name: Triggers type: object x-go-package: github.com/TykTechnologies/tyk/apidef ValidatePathMeta: properties: error_response_code: description: >- Allows override of default 422 Unprocessible Entity response code for validation errors. format: int64 type: integer x-go-name: ErrorResponseCode method: type: string x-go-name: Method path: type: string x-go-name: Path schema: additionalProperties: type: object type: object x-go-name: Schema schema_b64: type: string x-go-name: SchemaB64 type: object x-go-package: github.com/TykTechnologies/tyk/apidef VersionInfo: properties: paths: properties: black_list: items: type: string type: array x-go-name: BlackList ignored: items: type: string type: array x-go-name: Ignored white_list: items: type: string type: array x-go-name: WhiteList type: object x-go-name: Paths expires: type: string x-go-name: Expires extended_paths: $ref: '#/components/schemas/ExtendedPathsSet' global_headers: additionalProperties: type: string type: object x-go-name: GlobalHeaders global_headers_remove: items: type: string type: array x-go-name: GlobalHeadersRemove global_size_limit: format: int64 type: integer x-go-name: GlobalSizeLimit name: type: string x-go-name: Name override_target: type: string x-go-name: OverrideTarget use_extended_paths: type: boolean x-go-name: UseExtendedPaths type: object x-go-package: github.com/TykTechnologies/tyk/apidef VirtualMeta: properties: function_source_type: type: string x-go-name: FunctionSourceType function_source_uri: type: string x-go-name: FunctionSourceURI method: type: string x-go-name: Method path: type: string x-go-name: Path proxy_on_error: type: boolean x-go-name: ProxyOnError response_function_name: type: string x-go-name: ResponseFunctionName use_session: type: boolean x-go-name: UseSession type: object x-go-package: github.com/TykTechnologies/tyk/apidef apiAllKeys: description: apiAllKeys represents a list of keys in the memory store properties: keys: items: type: string type: array x-go-name: APIKeys type: object x-go-package: github.com/TykTechnologies/tyk apiModifyKeySuccess: description: apiModifyKeySuccess represents when a Key modification was successful properties: action: type: string x-go-name: Action key: description: 'in:body' type: string x-go-name: Key key_hash: type: string x-go-name: KeyHash status: type: string x-go-name: Status type: object x-go-package: github.com/TykTechnologies/tyk apiStatusMessage: description: apiStatusMessage represents an API status message properties: message: description: Response details type: string x-go-name: Message status: type: string x-go-name: Status type: object x-go-package: github.com/TykTechnologies/tyk securitySchemes: api_key: in: header name: X-Tyk-Authorization type: apiKey security: - api_key: []