An API Definition describes the configuration of an API. It instructs Tyk Gateway how to configure the API.
| Symbol | Description |
|---|---|
| ✅ | Fully supported |
| Untested / Requires Documentation | |
| ❌️ | Not currently supported |
| Type | Support | Comments |
|---|---|---|
| GraphQL - Proxy | ✅ | - |
| GraphQL - Universal Data Graph | API Change ETA December 2020 | |
| HTTP | ✅ | - |
| HTTPS️ | Partial Support - WIP integration with cert-manager & ingress | |
| TCP | ✅ | - |
| TLS | ✅ | - |
| Type | Supported | Comments |
|---|---|---|
| Path-Based | ✅ | - |
| Host-Based | Implemented - Untested | |
| Version-Based (Header) | Untested | |
| Version-Based (QueryString) | Untested | |
| Version-Based (Subdomain) | Untested |
| Type | Supported | Comments |
|---|---|---|
| Keyless (open) | ✅ | - |
| Static Bearer Token | ✅ | - |
| JWT | ❌️ | Not implemented |
| OpenID Connect | ❌ | Not implemented |
| OAuth2 | ❌ | Not implemented |
| mTLS | ❌ | Not implemented |
| HMAC | ❌ | Not implemented |
| Basic Authentication | ❌ | Not implemented |
| Plugin Auth - Go | ❌ | Not implemented |
| Plugin Auth - gRPC | ✅ | - |
| IP Whitelisting | ❌ | Not implemented |
| IP Blacklisting | ❌ | Not implemented |
| Type | Supported | Comments |
|---|---|---|
| Public Key Certificate Pinning | ❌ | Not implemented |
| Upstream Certificates mTLS | ❌ | Not implemented |
| Request Signing | ❌ | Not implemented |
| Feature | Supported | Comments |
|---|---|---|
| API Tagging | ✅ | - |
| Config Data | ❌ | Not Implemented |
| Context Variables | ✅ | - |
| Cross Origin Resource Sharing (CORS) | See ISSUE #3396 | |
| Custom Plugins - Go | Untested | |
| Custom Plugins - gRPC | ✅ | - |
| Custom Plugins - Javascript | ✅ | - |
| Custom Plugins - Lua | Untested | |
| Custom Plugins - Python | Untested | |
| Global Rate Limit | ❌ | Not Implemented |
| Segment Tags | ✅ | - |
| Tag Headers | ❌ | Not Implemented |
| Webhooks | ❌ | WIP #62 |
These are features which are only available to tyk PRO users
| Feature | Supported | Comment |
|---|---|---|
| Active API | ✅ | Untested |
| Endpoint Middleware | Supported | Comments |
|---|---|---|
| Analytics - Endpoint Tracking | Untested | |
| Availability - Circuit Breaker | ❌ | Incompatible types string vs float64 |
| Availability - Enforced Timeouts | ✅ | - |
| Headers - Global Request Add | ✅ | - |
| Headers - Global Request Remove | ✅ | - |
| Headers - Global Response Add | ✅ | - |
| Headers - Global Response Remove | ✅ | - |
| Performance - Cache | ✅ | - |
| Plugin - Virtual Endpoint | ✅ | - |
| Security - Allow list | Untested #92 | |
| Security - Block list | Untested #92 | |
| Security - Ignore list | Untested #92 | |
| Transform - Internal | Untested #93 | |
| Transform - Method | Untested #93 | |
| Transform - Mock | Untested #93 | |
| Transform - Request Body | ✅ | - |
| Transform - Response Body | ✅ | - |
| Transform - Request Body JQ | Untested - Requires JQ on Gateway Docker Image | |
| Transform - Response Body JQ | Untested - Requires JQ on Gateway Docker Image | |
| Transform - URL Rewrite Basic | ✅️ | - |
| Transform - URL Rewrite Advanced | Untested | |
| Validate - JSON Schema | ❌️ | Issue #59 |
| Validate - Limit Request Size | ✅️ | - |
Please visit the API migration page for more info