Tyk Open Source API Gateway written in Go, supporting REST, GraphQL, TCP and gRPC protocols
sub
claim but different scopes in each policy. Now the session will be correctly configured for the claims provided in the policy used for each API request.tyk version
command that provides more details about the Tyk Dashboard build. This prints the release version, git commit, Go version used, architecture and other build details.allow_unsafe_oas
is not enabled.build_id
argument with the Tyk Plugin Compiler that prevents users from hot-reloading different versions of the same plugin compiled with different build_id
. The bug was introduced with the plugin module build change implemented in the upgrade to Go version 1.19 in Tyk 5.1.0.sub
claim but different scopes in each policy. Now the session will be correctly configured for the claims provided in the policy used for each API request.tyk version
command that provides more details about the Tyk Dashboard build. This prints the release version, git commit, Go version used, architecture and other build details.allow_unsafe_oas
is not enabled.enable_http2
to false
.tyk version
command that provides more details about the Tyk Gateway build. This prints the release version, git commit, Go version used, architecture and other build details.fallbackToDefault
, for Tyk Classic APIs it is fallback_to_default
.p
to the /api/logs
endpoint could lead to an out-of-memory scenario as the Dashboard would attempt to retrieve all logs in the system. Tyk will now return an HTTP 400 Bad Request
response if a non-integer value is provided. This fix mitigates the risk of accidentally or deliberately causing Tyk Dashboard to stop responding.use_standard_auth
to true, which actually enables Auth Token authentication.tyk version
command that provides more details about the Tyk Gateway build. This prints the release version, git commit, Go version used, architecture and other build details. It's used to provide more detailed information when raising support tickets, as well as facilitating some CI automation with the use of --json
flag.p
to the /api/logs
endpoint could lead to an out-of-memory scenario as the Dashboard would attempt to retrieve all logs in the system. Tyk will now return an HTTP 400 Bad Request
response if a non-integer value is provided. This fix mitigates the risk of accidentally or deliberately causing Tyk Dashboard to stop responding.use_standard_auth
to true, which actually enables Auth Token authentication.{ulid}
placeholder for analytics. This matches the existing UUID normalization. Thanks to @atkrad for the contribution.max_conn_time
, the timeout in effect was not deterministic. Timeouts larger than 0 seconds are now enforced for each request. The default value of proxy_default_timeout is now set to 30s. It previously used to wait forever.allow_unsafe_oas
. This permits the modification of Tyk OAS APIs via the Tyk Classic API endpoints. This is not recommended action due to the risk of inconsistent behaviour and potential for breaking changes while Tyk OAS is in Early Access. This is provided for early adopters and will be deprecated later, once Tyk OAS reaches full maturity.api_version
and api_id
query parameters were potential targets for SQL injection attack.uptime_tests.check_list
were not correctly handled. Uptime tests can now be configured for Tyk Classic APIs using the Raw API Definition editor.allow_unsafe_oas
. This permits the modification of Tyk OAS APIs via the Tyk Classic API endpoints. This is not recommended action due to the risk of inconsistent behaviour and potential for breaking changes while Tyk OAS is in Early Access. This is provided for early adopters and will be deprecated later, once Tyk OAS reaches full maturity.api_version
and api_id
query parameters were potential targets for SQL injection attack.uptime_tests.check_list
were not correctly handled. Uptime tests can now be configured for Tyk Classic APIs using the Raw API Definition editor.TYK_GW_HTTPSERVEROPTIONS_ENABLESTRICTROUTES
)max_conn_time
configuration option). This could lead to the Gateway eventually running out of sockets under heavy load, impacting performance.resource_sync.retry_attempts
defines the number of retries that the Gateway should perform during a resource sync (APIs or policies), defaults to zero which means no retries are attempted
resource_sync.interval
configures the fixed interval between each retry attempt (in seconds)reload_interval
that can be used to adjust the duration between reloads and hence optimise the performance of your Tyk deployment.TYK_GW_HTTPSERVEROPTIONS_ENABLESTRICTROUTES
)max_conn_time
configuration option). This could lead to the Gateway eventually running out of sockets under heavy load, impacting performance.resource_sync.retry_attempts
defines the number of retries that the Gateway should perform during a resource sync (APIs or policies), defaults to zero which means no retries are attempted
resource_sync.interval
configures the fixed interval between each retry attempt (in seconds)reload_interval
that can be used to adjust the duration between reloads and hence optimise the performance of your Tyk deployment.