tyk

Tyk Open Source API Gateway written in Go, supporting REST, GraphQL, TCP and gRPC protocols

OTHER License

Stars
9.2K
Committers
115
View Code on GitHub
Ecosystems: gRPC, GraphQL, Go, Kubernetes

Bot releases are visible (Hide)

tyk - Tyk v3.0.1

Published by buger about 4 years ago

Tyk Gateway v3.0.1

Tyk Dashboard v3.0.1

  • Fix DocumentDB API listing
  • Fix default permissions during SSO login
  • Deprecated organization key events (now enabled all the time)
  • Fix registration of new developers though SSO when using built-in Dashboard SSO
  • Do not hide developers when the policy of their subscription was removed, and API ownership enabled
  • Fixed built-in Dashboard SSO when multiple dashboard instances used

Upgrade notice

If you started using GraphQL APIs, introduced in v3.0.0, after upgrading the dashboard you need to run tyk-analytics migration cli command. This command will migrate GraphQL apis from 3.0.0 to 3.0.1 format. If you not using GraphQL APIs it is not needed.

tyk - Tyk Gateway 2.9.4.3, Tyk Dashboard 1.9.4.3

Published by buger about 4 years ago

Tyk Gateway 2.9.4.3

Tyk Dashboard 1.9.4.3

  • Fixed dashboard bootstrapping when using TLS
tyk - Tyk 3.0

Published by buger over 4 years ago

Our major release!

See full release notes here: https://tyk.io/docs/release-notes/version-3.0/

tyk - Tyk Gateway v2.9.4.2

Published by buger over 4 years ago

tyk - Tyk Gateway 2.9.4.1, Tyk Dashboard 1.9.4.1, Tyk Pump v0.8.5.1, Tyk MDCB v1.7.4

Published by buger over 4 years ago

The last patch released introduced improved package signing changes, however, we found that some old RPM base systems, do not support signing using sub-keys. So we have released packages for all products, to fix that issue.

Additional changes:

Tyk Gateway 2.9.4.1

Tyk Dashboard 1.9.4.1

  • Fixed OAuth token revocation even propagation in multi-datacenter scenario
  • Fixed bug preventing using SSO lookup together with temporary SSO users.
  • Fixed UI bug which adds double OrgID to the certificate IDs when using certificate modal

Tyk MDCB 1.7.4

  • Fixed OAuth token revocation even propagation in multi-datacenter scenario
tyk - Tyk Gateway 2.9.4, Tyk Dashboard 1.9.4, Tyk Pump 0.8.5, Tyk MDCB 1.7.3

Published by buger over 4 years ago

All products

The keys that we use to sign our RPM packages have changed. This means that those of you who ask rpm to verify these keys will have to update the key. The documentation is at https://tyk.io/docs/getting-started/installation/with-tyk-on-premises/redhat-rhel-centos/gateway/#step-2-create-tyk-gateway-repository-configuration and for your reference the new key is
http://keyserver.tyk.io/tyk.io.rpm.signing.key.2020
The old key (http://keyserver.tyk.io/tyk.io.rpm.signing.key) will remain accessible for now but this is not guaranteed.

As part of this, we have started to origin-sign our Debian packages. Please see https://tyk.io/docs/getting-started/installation/with-tyk-on-premises/on-ubuntu/gateway/ for more.

Tyk Gateway 2.9.4

Tyk Dashboard 1.9.4

Tyk Pump 0.8.5

Tyk MDCB 1.7.3

  • Added support for passing OAuth token revocation event to the slave datacenters.
tyk - Tyk Gateway v2.9.3.2

Published by buger over 4 years ago

Tyk Gateway v2.9.3.2

tyk - 2.9.3.1

Published by buger over 4 years ago

  • Fixed usage of JWT auth middleware in multi-auth scenario
tyk - 2.9.3-old-go

Published by buger over 4 years ago

tyk - Tyk Gateway v2.9.3, Tyk Dashboard 1.9.3, Tyk Pump 0.8.4, Tyk MDCB 1.7.2, Tyk Identity Broker 0.7.1

Published by buger over 4 years ago

Tyk Gateway 2.9.3

Tyk Dashboard 1.9.3

  • Now each authentication middleware can have its own configuration for authentication header name, query param, or cookie name.
  • Now you can set metadata for a Policy.
  • Dashboard notifications now do not require exposing a separate port.
  • Added Redis Sentinel support, using the new redis_master_name variable.
  • Added new storage.addrs string array field, to specify a list of hosts, instead of storage.hosts. This allows you to specify Redis servers on the same domain but different ports.
  • Improved form validation on Pages screen
  • Disabling versioning now should not remove endpoints from the first version
  • Fixed duplication when updating an OAuth client
  • Fix OAuth client screen to allow you to pick a policy which has multiple APIs https://github.com/TykTechnologies/tyk-analytics-ui/issues/1572
  • Fixed disable_parallel_sessions behavior when using Single Sign-On
  • Fixed license update screen, which was not working with multiple dashboards. Now dashboard will use mongo to store and distribute license across multiple dashboards.

Tyk Pump 0.8.4

  • Added Redis Sentinel support, using new storage.master_name variable.
  • Added new storage.addrs string array field, to specify a list of hosts, instead of storage.hosts. This allows you to specify Redis servers on the same domain but different ports.
  • ElasticSearch pump extended with decode_base64 boolean option, in order to skip base64 encoding for raw request and response objects.

Tyk MDCB 1.7.2

  • Added Redis Sentinel support, using the new storage.master_name variable.
  • Added new storage.addrs string array field, to specify a list of hosts, instead of storage.hosts. This allows you to specify Redis servers on the same domain but different ports.

Tyk Identity Broker 0.7.1

  • You can now configure requested scopes for an OpenID plugin, using the “scopes” string array https://github.com/TykTechnologies/tyk-identity-broker/issues/75
  • Fixed setting UseSSL and SSLInsecureSkipVerify fields for Redis backend https://github.com/TykTechnologies/tyk-identity-broker/issues/80
  • Added support for specifying User Group ID inside profiles. You can set the static value via DefaultGroupID or dynamic value based on the field of oAuth/OpenID scope using CustomUserGroupField and UserGroupMapping fields. Example: 
    {
  "DefaultUserGroupID": "default-user-group",
  "CustomUserGroupField": "scope",
  "UserGroupMapping": {
    "admin": "<admin-group-id>",
    "analytics": "<analytics-group-id>"
  }
}
tyk - Tyk Gateway v2.8.7

Published by buger over 4 years ago

  • Fixed a bug when during high concurrency oAuth flows stops working after Redis failover
tyk - Tyk Gateway v2.8.6 and Tyk Dashboard v1.8.6

Published by buger almost 5 years ago

Tyk Gateway v2.8.6

  • Distributed rate limiter algorithm (turned on by default), now switch to using Redis for increased accuracy if the session rate is less than current amount of servers in cluster multiplied by a constant specified by drl_threshold in tyk.conf. The default value is 5, which means that if you have 2 servers, and session rate is less then 2 * 5, e.g. 10, such session will use Redis algorithm for rate-limiting, otherwise in-memory algorithm.
  • Added way to force validation of certificate CommonName, even if SAN is non-empty. Can be set either globally via setting ssl_force_common_name_check to true in tyk.conf or by setting proxy.transport.ssl_force_common_name_check inside API definition

Tyk Dashboard v1.8.6

  • Added support for specifying proxy.transport.ssl_force_common_name_check attribute via RAW API editor
tyk - Tyk Gateway 2.9.2, Tyk Dashboard 1.9.2, Tyk Pump 0.8.3, Tyk MDCB 1.7.1

Published by furkansenharputlu almost 5 years ago

Tyk Gateway 2.9.2

  • Fixed Open Tracing issues [#2655, #2685, #2688]
    This Addresses an issue where middleware such as mocked responses, url rewrites, method transform & versioning would stop working when tracing is enabled.

  • Added ignore case option for Whitelist/Blacklist/Ignore plugins [#2330]
    For example, if /orderpizza is whitelisted, then any combination of upper/lowercase can be whitelisted thanks to ignore case option- /orderPizza, /OrderPizza, /orDerpiZZa etc.

  • Ignore plugin can now be used with URL rewrite [#2579]
    The purpose of the ignore plugin is to bypass authentication. This had an adverse effect in that it also bypassed several other middlewares such as URL rewrite. The Ignore plugin no longer causes relevant middleware to be bypassed.

  • OAuth client metadata is now applied to OAuth token [#2682]

  • OAuth error code is now configurable [#2381]
    It is now possible to tune the error status code by modifying oauth_error_status_code in tyk.conf. If no value is set, it defaults to a 403 error.

  • Added RSA support in request signing middleware [#2452]
    Request Signing middleware previously only supported HMAC. This is now extended to support RSA.

  • Circuit Breaker plugin now trips for any 5xx status code, not just 500 [#2660]

  • ⚠️ Deprecated auth field in favour of auth_configs in api definition object [#2580]

{
  "auth_configs": {
    "authToken": {"auth_header_name": "My-Auth-Header-Key"}
    "basic": {"auth_header_name": "My-Basic-Auth-Header-Key"},
    ...
  }
}

This enables better control with multiple chained authentication mechanisms enabled for an API. Now we can set distinct Headers for different auth modes.

  • Redis MGET driver fix in cluster mode [#2703]
    Commands performing multiple keys operations (such as MGET) cannot be supported when using a cluster of Redis nodes because they are commands meant to operate atomically on a single node. MGET has been resolved by aggregating the result of several GET commands.

Tyk Dashboard 1.9.2

  • Resolved a UI error which made it impossible to delete a portal navigation item from the admin dashboard

  • Improved guidance for custom domains regex in Dashboard API Designer

  • Updating the developer portal catalogue no longer generates a new URL for portal documentation. This allows portal documentation to be shared publicly and updated without causing 404 broken links

  • Converted API version expiry date to UTC format to handle timezone differences

  • Fixed catalogue issues during a key request in a multi-selection flow
    Require Key Approval feature wasn't working correctly in a multi API flow. Now, all cases are fixed.

  • Fixed pagination issues
    Page count was wrong on some lists such policies, APIs etc.

  • Showed policy name along with ID for OIDC authentication
    On OIDC authentication, once a policy is added, it is identified by the policy ID, rather than the name. Now, It displays both the policy name and ID.

  • Fixed the issue that a user can login to multiple sessions through TIB even with disable_parallel_sessions is set to true

  • Fixed URL rewrite triggers in case of API update
    When updating an API through the dashboard, the API was incorrectly modified and the advanced rewrite "match" value was incorrectly changed from true to false.

  • Fixed broken key update/delete events that affect Multi-Cloud installations
    Internal key event names were refactored but this broke backwards compatibility so we have returned back to the previous event names.

Tyk Pump 0.8.3

  • Handled unsupported MongoDB characters [TykTechnologies/tyk-pump/issues/113]
    MongoDB doesn't support . in parent field names. Should a path contain . , mongoDB would get corrupted. We have now replaced the . character with its Unicode equivalent.

  • Added support for pumping to an Elasticsearch Cluster [TykTechnologies/tyk-pump/pull/180]
    Previously, it was only possible to pump analytics to a single Elasticsearch endpoint. Due to this limitation, it was not previously possible to support Elasticsearch clusters.

  • Resolved issue where aggregate TCP proxy analytics were incorrectly calculated [TykTechnologies/tyk-pump/issues/182]

Tyk MDCB 1.7.1

  • Enable http profiling by setting "enable_http_profiler": true in tyk_sink.conf

  • Added new configuration options:
    ignore_tag_prefix_list (in mongo aggregate and hybrid pump): It will not store analytics for tags having a prefix specified in the list. Note: The prefix "key-" is added in the list by default. This tag is added by the Gateway for keys.

    threshold_len_tag_list (in mongo aggregate pump): If the number of tags in a document grows beyond a specified value, the pump will throw a warning. The warning will print the top 5 common tag prefixes. The default value is 1000. To disable alerts set it to -1.

    store_analytics_per_minute: Currently, aggregate data is generated per hour. If this option is enabled, aggregate data will be generated per minute.

    track_all_paths: Currently, analytics for an endpoint is stored only if the Track Endpoint plugin is enabled on that endpoint. If track_all_paths is enabled, it will store analytics for all the endpoints, irrespective of Track Endpoint plugin.

  • Fixed Redis connection leak

tyk - Tyk Gateway 2.9.1, Tyk Dashboard 1.9.1, Tyk Pump 0.8.1

Published by buger almost 5 years ago

Tyk Gateway 2.9.1

Tyk Dashboard 1.9.1

  • Allow creating keys with public certificates inside portal and developer admin
  • Added new event for Key request rejection
  • Send email to Catalogue Owner, Admin if Key Request rejected
  • Send email to Developer when Key request is rejected and Key is deleted
  • Extend and key request notifications emails to add List of APIs, API auth type and developer information.
  • Analytics API extended to return upstream latency information
  • Added last login data for portal developers and users
  • Fixed approval for Portal multi-selection key requests
  • Fixed validation for oAuth redirect-url on the Developer page
  • Fixed oAuth analytics filtering by API ID when aggregate_logs are enabled
  • Fixed using oAuth mixed policy (with auth token APIs) when creating new Oauth client
  • Fixed Certificate search returned incorrect URL

Tyk Pump 0.8.1

  • Add support for processing upstream latency information:
    New fields in Aggregate Analytics Counter:
    max_upstream_latency: Records maximum upstream latency
    min_upstream_latency: Records minimum upstream latency
    total_upstream_latency: Records total upstream latency
    max_latency: Records maximum end-to-end latency
    min_latency: Records minimum end-to-end latency
    total_latency: Records total end-to-end latency
    latency: Avg latency
    upstream_latency: Avg upstream latency
tyk - v2.8.5

Published by buger about 5 years ago

Tyk Gateway 2.8.5

  • Fix duplication of key tags
  • Fixed key logging obfuscation when using MDCB/Multi-Cloud
tyk - Tyk Gateway 2.8.4, Tyk Dashboard 1.8.4, Tyk Pump 0.7.1

Published by buger about 5 years ago

Tyk Gateway 2.8.4

  • Fix formatting of JSON Schema validation messages
  • Fix redirects inside JSVM plugins
  • Fix JSVM TykMakeHttpRequest to pass queries string variables for GET requests
  • Fix work with URLs which contain / literal as part of URL part
  • Fix using global timeout option for Service discovery
  • Fix when body transform plugin used together with JSON schema validation
  • Fix panic if service discovery returns malformed JSON
  • OAuth token generation endpoint now supports JSON format (if you pass proper Content-Type)

Tyk Dashboard 1.8.4

  • Add a way to view key hash on key form
  • Fix API and Key error breakdown reports
  • Fix support for Mongo 3.2
  • Fix passing SMTPAddress via ENV variables: added new SMTPPort variable to avoid using : character
  • Respect API Version character case
  • Improve validation of Key form
  • Add custom fields option to the developer screen

Tyk Pump 0.7.1

  • Fix analytics per API
  • Improve performance of InfluxDB pump by using batch writes
tyk - Tyk Gateway 2.8.3, Tyk Dashboard 1.8.3, Tyk Pump 0.7, Tyk MDCB 0.6.1

Published by buger over 5 years ago

Tyk Gateway 2.8.3

Tyk Dashboard 1.8.3

  • Fixed key hashed events in MDCXB/Hybryd envois
  • Fix key updates when access rules handled by Keys and Quotas by policies
  • Make CNAME unique for org
  • Added new analytics endpoint for tracked paths to get info in context of Key or oAuth client:
* /api/activity/keys/endpoint/:keyId/:sday/:smonth/:syear/:eday/:emonth/:eyear
 Returns activity for unique API+Path for given key
    * /api/activity/oauthid/endpoint/:oauthid/:sday/:smonth/:syear/:eday/:emonth/:eyear
 Returns activity for unique API+Path for given OAuthClient ID

Tyk Pump 0.7.0

Tyk MDCB 0.6.1

  • Fix private certificate decoding
  • Fix quota reset events for hashed keys
tyk - Tyk Gateway 2.8.2 and Tyk Dashboard 1.8.2

Published by buger over 5 years ago

Tyk Gateway 2.8.2

  • Added xmlMarshal body transform template function
  • Notify developers about quota usage threshold. Require monitor to be configured, and Dashboard 1.8.2
  • Added way to specify default JWT policy IDs via jwt_default_policies field in API spec. Now it allows cases when you can’t modify JWT token.
  • Fixed policy change propagation for deleted APIs
  • Improve performance by not running profiling code if instrumentation not enabled
  • Fix body compression error if cache is used

Tyk Dashboard 1.8.2

  • Added way to specify granular access to API and related objects, by specifying list of user or user group owners on API screen. To turn on set enabled_ownersip too true
  • Now you can specify notifications email on portal and catalogues levels. Support multiple emails separated by comma.
  • Show link to raw swagger file when
  • Fix SSO display name handling when First and Last name is blank
  • Fix audit for key update and logout events
  • Fix password notifications “from” address. Now it should use portal settings.
tyk - Tyk Gateway 2.8.1 and Tyk Dashboard 1.8.1

Published by buger over 5 years ago

Tyk Gateway 2.8.1

Tyk Dashboard 1.8.1

  • Fixed creation of static pages
  • Fix key revocation from the Developer page
  • Prevent requesting multiple key requests for the same API
  • Fixed multi-org issue when org has 2 users with the same email
  • Prevent dashboard panic when mongo have issues
  • Add support for Azure CosmosDB
  • Add Host field to log viewer
  • Don’t set dashboard port to portal port when portal on a custom domain
  • Allow admin to reset password for users (if has permission)
  • Various fixes and UX improvements
Package Rankings
Top 1.05% on Proxy.golang.org
Badges
Extracted from project README
FOSSA Status GitHub Latest Release GitHub Release Date Docker Pulls GitHub Workflow Status (with event) Go Report Card GitHub Repo Stars GitHub Repo Forks
Related Projects
kyverno

Kubernetes Native Policy Management

04 Feb 2019 5,090
go-api-boilerplate

Go Server/API boilerplate using best practices DDD CQRS ES gRPC

14 Oct 2017 888
coolstore-microservices

A full-stack .NET microservices build on Dapr and Tye

01 Jun 2018 2,475
apiclarity

An API security tool to capture and analyze API traffic, test API endpoints, reconstruct Open API...

02 Sep 2021 477
apisix

The Cloud-Native API Gateway

10 Apr 2019 13,769
arkade

Open Source Marketplace For Developer Tools

26 Feb 2020 4,211
typhoon

Minimal and free Kubernetes distribution with Terraform

07 Aug 2017 1,907
authelia

The Single Sign-On Multi-Factor portal for web apps

07 Dec 2016 21,292
kubeclarity

KubeClarity is a tool for detection and management of Software Bill Of Materials (SBOM) and vulne...

10 Aug 2024 26
nxplorerjs-microservice-starter

Node JS , Typescript , Express based reactive microservice starter project for REST and GraphQL APIs

23 Jun 2017 233
tke

Native Kubernetes container management platform supporting multi-tenant and multi-cluster

06 Nov 2019 1,473
booking-microservices

Practical microservices, built with .Net 8, DDD, CQRS, Event Sourcing, Vertical Slice Architectur...

07 May 2022 912
glasskube

🧊 The next generation Package Manager for Kubernetes 📦 Featuring a GUI and a CLI. Glasskube packa...

11 Jan 2024 2,778
dyrectorio

dyrector.io is a self-hosted continuous delivery & deployment platform with version management.

27 Jun 2022 1,122
yokai

Simple, modular, and observable Go framework for backend applications.

10 Jan 2024 365