An API Definition describes the configuration of an API. It instructs Tyk Gateway how to configure the API.
To check the supported features of the API Definitions CRD version you're currently using, please use the "Switch branches / tags" feature on GitHub and select corresponding version tag.
Implemented Capabilities / Support Status
Symbol
Description
✅
Fully supported
⚠️ Untested / Requires Documentation
❌️
Not currently supported
Type
Supported
Supported From
Comments
Sample
Path-Based
✅
v0.1
-
Sample
Host-Based
✅
v0.1
-
Sample
Version-Based (Header)
⚠️ v0.1
Untested
Version-Based (QueryString)
⚠️ v0.1
Untested
Version-Based (Subdomain)
⚠️ v0.1
Untested
Client to Gateway Authentication
Type
Supported
Supported From
Comments
Sample
Keyless (Open)
✅
v0.1
-
Sample
Static Bearer Token
✅
v0.1
-
Sample
JWT
✅️
v0.5
-
Sample
OAuth2 - Client Credentials
✅️
v0.6
-
Sample
OAuth2 - Authorization Code
⚠️ v0.6
Untested
OAuth2 - Authorization Code + Refresh Token
⚠️ v0.6
Untested
OAuth2 - Implicit
⚠️ v0.6
Untested
OAuth2 - Password
⚠️ v0.6
Untested
OpenID Connect
❌
-
Not implemented
mTLS
✅
v0.11
Only static client mTLS is supported
Sample
HMAC
❌
-
Not implemented
Basic Authentication
✅
v0.12
Only enabling with default metadata values is supported
Sample
Multiple (Chained) Auth
✅
v0.14
-
Sample
Plugin Auth - Go
✅
v0.11
-
Sample
Plugin Auth - gRPC
✅
v0.1
-
Sample
IP Whitelisting
✅
v0.5
-
Sample
IP Blacklisting
✅
v0.5
-
Sample
Gateway to Upstream Authentication
Type
Supported
Supported From
Comments
Sample
Public Key Certificate Pinning
✅
v0.9
Sample
Upstream Certificates mTLS
✅
v0.9
From Secret or Manual Upload
Request Signing
❌
-
Not implemented
Feature
Supported
Supported From
Comments
Sample
API Tagging
✅
v0.1
-
Config Data
✅
v0.8.2
-
Sample
Context Variables
✅
v0.1
-
Cross Origin Resource Sharing (CORS)
✅
v0.2
-
Sample
Custom Plugins - Go
⚠️ v0.1
Untested
Custom Plugins - gRPC
✅
v0.1
-
Sample
Custom Plugins - Javascript
✅
v0.1
-
Sample
Custom Plugins - Lua
⚠️ v0.1
Untested
Custom Plugins - Python
⚠️ v0.1
Untested
Custom Plugins - Analytics Plugin
✅
v0.16.0
-
Sample
Global Rate Limit
✅
v0.10
-
Sample
Segment Tags
✅
v0.1
-
Sample
Tag Headers
⚠️ -
Untested
Webhooks
❌
-
WIP #62
Looping
⚠️ v0.6
Untested
Sample
Active API
✅
v0.2
Only available to Tyk Self Managed (Pro) users
Sample
Round Robin Load Balancing
✅
-
-
Sample
APIDefinition - Endpoint Middleware
Endpoint Middleware
Supported
Supported From
Comments
Sample
Analytics - Endpoint Tracking
✅
v0.1
Sample
Availability - Circuit Breaker
✅
v0.5
-
Sample
Availability - Enforced Timeouts
✅
v0.1
-
Sample
Headers - Global Request Add
✅
v0.1
-
Sample
Headers - Global Request Remove
✅
v0.1
-
Sample
Headers - Global Response Add
✅
v0.1
-
Sample
Headers - Global Response Remove
✅
v0.1
-
Sample
Performance - Cache
✅
v0.1
-
Sample
Plugin - Virtual Endpoint
✅
v0.1
-
Sample
Security - Allow list
✅️
v0.8.2
-
Sample
Security - Block list
✅️
v0.8.2
-
Sample
Security - Ignore list
✅
v0.8.2
-
Sample
Transform - Internal
⚠️ v0.1
Untested
Transform - Method
✅
v0.5
-
Sample
Transform - Mock
✅
v0.1
-
Sample
Transform - Request Body
✅
v0.1
-
Sample
Transform - Response Body
✅
v0.1
-
Sample
Transform - Request Body JQ
⚠️ v0.1
Untested - Requires JQ on Gateway Docker Image
Transform - Response Body JQ
⚠️ v0.1
Untested - Requires JQ on Gateway Docker Image
Transform - URL Rewrite Basic
✅️
v0.1
-
Sample
Transform - URL Rewrite Advanced
⚠️ v0.1
Untested
Validate - JSON Schema
✅
v0.8.2
-
Sample
Validate - Limit Request Size
✅️
v0.1
-
Sample
APIDefinition - Migrating Existing APIs Please visit the API migration page for more info
Understanding reconciliation status Please visit Latest Transaction Status page to see how you can check latest APIDefinition reconciliation status.