Tyk 2.8: Feel The Force

Busy, Tyk has been these last few months. We’ve travelled to galaxies far, far away (well, Melbourne), enlisted new recruits to join our mission and trained our Tyks at the annual company retreat.

With so much going on here, you’d be forgiven for wondering if we’ve forgotten our day job: building an intergalactic API Management Platform to help you wrangle your APIs.

Good news: we haven’t. But before we released Tyk 2.8 we did want to spend some time checking in with our people, inside and outside Tyk, to ensure we’re on the right track.

The way we see it – digital transformation and shiny whizzy automated processes are super exciting and powerful – but where would they be without the people behind them?

It’s (not) a trap!

Whether it’s a developer playing with your API to build something new, an internal system to streamline processes for your customers, or even our own in-house QA pulling the product to pieces before it gets to you; connecting people so they can create great things together is our jam. Think of it as the Tyk Force, if you will.

As well as taking more time to nurture our talented team, we’ve taken the time to work with Tyk users to make our 2.8 edition even better at allowing you to benefit from the human connections that APIs need to grow – namely the Tyk Developer Portal.

And, let’s face it, it wouldn’t be Tyk if it wasn’t for some gnarly sci-fi shiz too.

Pew Pew

Read the Tyk 2.8 release notes to feel the full (feature) force, or carry on for our pick of the latest features.

Throwing our open source Gateway users for a loop  

Yo Dawg I heard you like looping

One of our most exciting Gateway additions to date, Tyk 2.8 enables looping, making Tyk almost Turing complete i.e capable of completing any basic computation task you give it.

For URL rewrites, for example, instead of rewriting to an HTTP endpoint, you now can tell Tyk to internally run its request pipeline one more time, but for another specified endpoint. We call it called looping or ‘adding a loop’.

What’s more, this is an open source gateway feature, which means every Tyk user from community users through to the biggest enterprises on Tyk will benefit.

Used together with our advanced URL rewriter rules, it can be turned into a powerful logical block, replacing the need for writing middleware or virtual endpoints in many cases.

Here’s one example why looping’s so powerful

Cat in space

If this all sounds pretty confusing… that’s because it is! So here’s an example to help break it down.

You have a service endpoint called /sms and this endpoint can send a text message to either Twillio, Sendgrid or Amazon SES. However, you can only determine which provider API to use by looking at which user sent the request. The user does not know (nor care, frankly), what underlying platform is being used to serve this feature, and will simply send a standardised payload to this known endpoint. All they want to do is make a request and get that message sent.

With looping, you can now create three more endpoints: /twillio, /ses, and /sendgrid – with each of these specific to the relevant upstream service. From here they then use a request transform to modify your standardised payload into the specialised payload for the service, and also add any authentication data needed for the user, or your own company, in order to send the message via the service.

When a user now sends a payload to /sms, the endpoint will use the advanced rewriter to detect whether or not the internal token metadata (data you have assigned to the user when assigning the token) contains an “sms provider” annotation. The rewriter will then “loop” the request back through the gateway to the “/{sms-provider}” endpoint, completely transparently to the user.

This means that the logic for handling payload transformation, and the logic for handling context-based routing are separated out (and invisible to the user). It also means you can measure service usage independently without exposing that decision to the end-user. Lastly, it makes it trivial for you to change the provider of your SMS service very quickly, as all you need to do is change the smart-routing rules.

This can be even more useful if the request is being retried, or there was a failure the first time around, the second request could be flagged by the client as a retry, and force the routing logic to use an alternative, or backup, provider to guarantee the message is sent.

What can we say: travelling through hyperspace truly ain’t like dusting crops.

Find your API Masters in, and outside, your team

As an open source project, we know how important community is when it comes to driving, and improving, kick-as engineering, so we’ve focused on putting this at the heart of Tyk’s latest update for your APIs.

Tyk 2.8 brings a bunch of exciting developer portal updates that help you better connect with your community, and in particular those who can take your API to the next level.

From better developer onboarding, improved oAuth portal support, and dynamic, user-focused API catalogues, Tyk 2.8’s developer portal is your window to a whole galaxy of talented engineers that your company could be benefitting from.

These aren’t the droids you’re looking for… have some APIs instead

Tyk 2.8 brings you a nifty feature that allows you to create different, custom developer portals for the same API, based on rules you’ve created, and attributes like Developer ID, email address, or organisation.

This means that you can now display or hide different APIs, endpoints and other portal content depending on developer profile. The portal can then be optimised for whether your developer is internal or external, in one product team or another, or based on their level of paid access.

Power, unlimited power! (With multi-org users for your dev portal)

Got Dev, UAT *and* Production orgs going on for your APIs? Good news –  with our new multi-org users feature you can now switch between dashboards quickly and easily, by creating users with the same email address in different organisations.

Once created, users will then be able to select an organisation when logging in, and can easily switch between organisations via the navigation menu.

Keep your developer portal away from the dark side

2.8 sees significant user experience and security improvements for developer management, making it easier for your own rebel alliance to interact with your API.

    • You can now manually create developer subscriptions from the developer screen.
    • We’ve added a quick way to change a subscription policy and reset a quota
    • All actions on the developer screen now only require developer permissions
    • You can now add open (keyless) APIs to the developer portal. You have the same functionality as for closed APIs, except for key generation, which is disabled.
    • Enhanced oAuth support to keep your dev portal users

Tyk 2.8: Your only hope


As a wise little green blob once said, size matters not.

And from one little green blob to another: we’re inclined to agree.

Tyk might be smaller in size compared to the rest of her peers, but there’s great power in her performance, flexibility, and the community that surrounds her, whatever kind of Tyk they use.

On Tyk Cloud? You don’t have to do anything. The Gateway and Dashboard will be updated automatically.

Running Tyk Multicloud or running On-Premises? The release is available right away via packages and Docker. Head over to the Upgrade Guide and follow the instructions.

Not using Tyk yet? What are you waiting for? Get started on Tyk now.