# 源文件: https://github.com/TykTechnologies/tyk-swagger-definitions/blob/master/tyk_gateway_api.yml
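# Swagger 2.0 description of the Tyk Gateway REST (control) API.
# Nesting restored: the listing had lost its indentation, which left
# `version` and `title` as siblings of `info` instead of its children.
#
# NOTE(review): this document declares no `securityDefinitions`, `schemes`
# or `host`. Authentication is modelled as an `x-tyk-authorization` header
# parameter on the operations themselves. That header carries the gateway's
# shared secret, so the API should be served over TLS only and kept off
# untrusted networks.
swagger: '2.0'
info:
  version: '1.9'
  title: Gateway REST API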
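# Operations of the gateway control API. Calls are authorised with the
# gateway-wide shared secret in `x-tyk-authorization`; no per-caller scoping
# is visible in this spec, so whoever holds the secret can reach every
# operation below.
#
# Corrections made while restoring the lost indentation:
#   - response codes are quoted ('200'); Swagger 2.0 expects string keys
#   - `suppress_reset` is typed `integer` (was `number` with the
#     non-standard format `integer`)
#   - POST /tyk/apis/ declares `x-tyk-authorization` like its siblings
#   - `/tyk/oauth/clients/{{apiId}}/` uses single-brace path templating
#   - description typos and copy-pasted response descriptions are fixed
paths:
  /tyk/keys/:
    get:
      # `keyId` is described elsewhere in this spec as the access token
      # itself, so this listing is credential material.
      description: |
        Gets a list of *key* IDs (will only work with non-hashed installations)
      parameters:
        - name: api_id
          in: query
          description: Back-end to target
          required: true
          type: string
          format: string
        - name: x-tyk-authorization
          in: header
          description: tyk gateway shared secret
          required: true
          type: string
          format: string
      responses:
        '200':
          description: Successful response
          schema:
            type: object
            properties:
              keys:
                type: array
                items:
                  type: string
  /tyk/keys/create:
    post:
      description: |
        Create a new *API token* with the *session object* defined in the body
      parameters:
        - name: x-tyk-authorization
          in: header
          description: tyk gateway shared secret
          required: true
          type: string
          format: string
        - name: suppress_reset
          in: query
          description: >-
            Adding the `suppress_reset` parameter and setting it to `1`, will
            cause Tyk to not reset the quota limit that is in the current live
            quota manager. By default Tyk will reset the quota in the live
            quota manager (initialising it) when ADDing a key. Adding the
            `suppress_reset` flag to the URL parameters will avoid this
            behaviour.
          required: false
          type: integer
        - name: session_object
          in: body
          schema:
            $ref: '#/definitions/SessionObject'
      responses:
        '200':
          description: Key Created Response
          schema:
            type: object
            properties:
              key:
                type: string
              status:
                type: string
                enum:
                  - ok
                  - error
              action:
                type: string
                enum:
                  - create
  # NOTE(review): `keyId` is the access token and travels in the URL path,
  # so it can end up in proxy and access logs. Restrict and scrub logging
  # on the control API accordingly.
  /tyk/keys/{keyId}:
    put:
      description: |
        Update an *API token* with the *session object* defined in the body, this operation overwrites the existing object
      parameters:
        - name: x-tyk-authorization
          in: header
          description: tyk gateway shared secret
          required: true
          type: string
          format: string
        - name: keyId
          in: path
          type: string
          description: Access Token
          required: true
        - name: suppress_reset
          in: query
          description: >-
            Adding the `suppress_reset` parameter and setting it to `1`, will
            cause Tyk to not reset the quota limit that is in the current live
            quota manager. By default Tyk will reset the quota in the live
            quota manager (initialising it) when ADDing a key. Adding the
            `suppress_reset` flag to the URL parameters will avoid this
            behaviour.
          required: false
          type: integer
        - name: session_object
          in: body
          schema:
            $ref: '#/definitions/SessionObject'
        - name: api_id
          in: query
          description: Back-end to target
          required: true
          type: string
          format: string
      responses:
        '200':
          description: Key Updated Response
          schema:
            type: object
            properties:
              key:
                type: string
              status:
                type: string
                enum:
                  - ok
                  - error
              action:
                type: string
                enum:
                  - modified
    post:
      # The caller picks the token value here, so its unpredictability is
      # the caller's responsibility rather than the gateway's.
      description: |
        Add a pre-specified *API token* with the *session object* defined in the body, this operation creates a custom token that does not use the gateway naming convention for tokens
      parameters:
        - name: x-tyk-authorization
          in: header
          description: tyk gateway shared secret
          required: true
          type: string
          format: string
        - name: keyId
          in: path
          type: string
          description: Access Token
          required: true
        - name: session_object
          in: body
          schema:
            $ref: '#/definitions/SessionObject'
      responses:
        '200':
          description: Key Added Response
          schema:
            type: object
            properties:
              key:
                type: string
              status:
                type: string
                enum:
                  - ok
                  - error
              action:
                type: string
                enum:
                  - added
    delete:
      description: |
        Remove this *API token* from the gateway, this will completely destroy the token and metadata associated with the token and instantly stop access from being granted
      parameters:
        - name: x-tyk-authorization
          in: header
          description: tyk gateway shared secret
          required: true
          type: string
          format: string
        - name: keyId
          in: path
          type: string
          description: Access Token
          required: true
        - name: api_id
          in: query
          description: Back-end to target
          required: true
          type: string
          format: string
      responses:
        '200':
          description: Key Deleted Response
          schema:
            type: object
            properties:
              key:
                type: string
              status:
                type: string
                enum:
                  - ok
                  - error
              action:
                type: string
                enum:
                  - deleted
  /tyk/apis/:
    get:
      # The returned definitions include fields such as
      # `notifications.shared_secret`; handle the response as sensitive.
      description: |
        Gets a list of *API Definition* objects that are currently live on the gateway
      parameters:
        - name: x-tyk-authorization
          in: header
          description: tyk gateway shared secret
          required: true
          type: string
          format: string
      responses:
        '200':
          description: Successful list response
          schema:
            $ref: '#/definitions/APIDefinitionList'
    post:
      description: |
        Create an *API Definition* object
      parameters:
        # Added: the listing omitted the auth header on this one operation
        # while every other operation declares it. Clients generated from
        # the spec would otherwise send this write without the secret.
        - name: x-tyk-authorization
          in: header
          description: tyk gateway shared secret
          required: true
          type: string
          format: string
        - name: api_definition
          in: body
          schema:
            $ref: '#/definitions/APIDefinition'
      responses:
        '200':
          # Was "Succesful API Deletion", copied from the delete operation.
          description: Successful API creation
          schema:
            type: object
            properties:
              key:
                type: string
              status:
                type: string
                enum:
                  - ok
                  - error
              action:
                type: string
                # NOTE(review): value kept from the listing; confirm that
                # `updated` is what the gateway returns for a create.
                enum:
                  - updated
  /tyk/apis/{apiID}:
    get:
      description: |
        Gets an *API Definition* object, if it exists
      parameters:
        - name: x-tyk-authorization
          in: header
          description: tyk gateway shared secret
          required: true
          type: string
          format: string
        - name: apiID
          in: path
          type: string
          description: API ID
          required: true
      responses:
        '200':
          description: Successful API response
          schema:
            $ref: '#/definitions/APIDefinition'
    delete:
      description: |
        Deletes an *API Definition* object, if it exists
      parameters:
        - name: x-tyk-authorization
          in: header
          description: tyk gateway shared secret
          required: true
          type: string
          format: string
        - name: apiID
          in: path
          type: string
          description: API ID
          required: true
      responses:
        '200':
          description: Successful API Deletion
          schema:
            type: object
            properties:
              key:
                type: string
              status:
                type: string
                enum:
                  - ok
                  - error
              action:
                type: string
                enum:
                  - deleted
    put:
      description: |
        Updates an *API Definition* object, if it exists
      parameters:
        - name: x-tyk-authorization
          in: header
          description: tyk gateway shared secret
          required: true
          type: string
          format: string
        - name: apiID
          in: path
          type: string
          description: API ID
          required: true
        - name: api_definition
          in: body
          schema:
            $ref: '#/definitions/APIDefinition'
      responses:
        '200':
          # Was "Succesful API Deletion", copied from the delete operation.
          description: Successful API update
          schema:
            type: object
            properties:
              key:
                type: string
              status:
                type: string
                enum:
                  - ok
                  - error
              action:
                type: string
                enum:
                  - updated
  /tyk/health/:
    get:
      description: |
        Gets the health check values for an API if it is being recorded
      parameters:
        - name: x-tyk-authorization
          in: header
          description: tyk gateway shared secret
          required: true
          type: string
          format: string
        - name: api_id
          in: query
          description: API ID to query
          required: true
          type: string
          format: string
      responses:
        '200':
          description: Successful healthcheck response
          schema:
            type: object
            properties:
              throttle_requests_per_second:
                type: number
              quota_violations_per_second:
                type: number
              key_failures_per_second:
                type: number
              average_upstream_latency:
                type: number
              average_requests_per_second:
                type: number
  /tyk/reload/:
    get:
      # NOTE(review): a state-changing action exposed as GET. The required
      # custom header is the only thing separating it from a plain fetch.
      description: |
        Will reload the targeted gateway
      parameters:
        - name: x-tyk-authorization
          in: header
          description: tyk gateway shared secret
          required: true
          type: string
          format: string
      responses:
        '200':
          description: Successful reload response
          schema:
            type: object
            properties:
              status:
                type: string
              error:
                type: string
  /tyk/reload/group:
    get:
      # NOTE(review): state-changing GET, as with /tyk/reload/; per the
      # description its effect is cluster-wide.
      description: |
        Will reload the cluster via the targeted gateway
      parameters:
        - name: x-tyk-authorization
          in: header
          description: tyk gateway shared secret
          required: true
          type: string
          format: string
      responses:
        '200':
          description: Successful reload response
          schema:
            type: object
            properties:
              status:
                type: string
              error:
                type: string
  /tyk/oauth/clients/create:
    post:
      # The response schema (OAuthClient) contains the client `secret`;
      # keep it out of logs and caches.
      description: |
        Create a new OAuth client
      parameters:
        - name: x-tyk-authorization
          in: header
          description: tyk gateway shared secret
          required: true
          type: string
          format: string
        - name: oauth_client
          in: body
          schema:
            type: object
            properties:
              api_id:
                type: string
              redirect_uri:
                type: string
      responses:
        '200':
          description: Successful create response
          schema:
            $ref: '#/definitions/OAuthClient'
  /tyk/oauth/clients/{apiId}/{clientId}:
    delete:
      description: |
        Delete the OAuth client
      parameters:
        - name: x-tyk-authorization
          in: header
          description: tyk gateway shared secret
          required: true
          type: string
          format: string
        - name: apiId
          in: path
          description: API ID that owns this client (back end)
          required: true
          type: string
          format: string
        - name: clientId
          in: path
          description: OAuth Client ID to delete
          required: true
          type: string
          format: string
      responses:
        '200':
          description: Successful OAuth client deletion
          schema:
            type: object
            properties:
              key:
                type: string
              status:
                type: string
                enum:
                  - ok
                  - error
              action:
                type: string
                enum:
                  - deleted
  # Was `/tyk/oauth/clients/{{apiId}}/`: Swagger path templating uses single
  # braces, and the path parameter below is named `apiId`.
  /tyk/oauth/clients/{apiId}/:
    get:
      # Returns OAuthClients, i.e. every client of the API with its secret.
      description: |
        Get a list of OAuth clients bound to this back end
      parameters:
        - name: x-tyk-authorization
          in: header
          description: tyk gateway shared secret
          required: true
          type: string
          format: string
        - name: apiId
          in: path
          description: API ID that owns this client (back end)
          required: true
          type: string
          format: string
      responses:
        '200':
          description: Successful list response
          schema:
            $ref: '#/definitions/OAuthClients'
  /tyk/oauth/authorize-client/:
    post:
      description: |
        The final request from an authorising party for a redirect URI during the Tyk OAuth flow
      parameters:
        - name: x-tyk-authorization
          in: header
          description: tyk gateway shared secret
          required: true
          type: string
          format: string
        - name: response_type
          in: formData
          description: >-
            Should be provided by requesting client as part of authorisation
            request, this should be either `code` or `token` depending on the
            methods you have specified for the API
          required: true
          type: string
          format: string
        - name: client_id
          in: formData
          description: >-
            Should be provided by requesting client as part of authorisation
            request. The Client ID that is making the request
          required: true
          type: string
          format: string
        - name: redirect_uri
          in: formData
          description: >-
            Should be provided by requesting client as part of authorisation
            request. Must match with the record stored with Tyk
          required: true
          type: string
          format: string
        # `key_rules` decides the quotas and access rights of the issued
        # key, so the trusted application must build it itself and never
        # copy it from the end user's request.
        - name: key_rules
          in: formData
          description: >-
            A string representation of a *Session Object (form-encoded)*.
            This should be provided by your application in order to apply any
            quotas or rules to the key
          required: true
          type: string
          format: string
      responses:
        '200':
          description: Successful token response
          schema:
            type: object
            properties:
              redirect_to:
                type: string
              code:
                type: string
              access_token:
                type: string
              expires_in:
                type: number
              token_type:
                type: string
  /tyk/oauth/refresh/{keyId}:
    delete:
      description: |
        Invalidate a refresh token
      parameters:
        - name: x-tyk-authorization
          in: header
          description: tyk gateway shared secret
          required: true
          type: string
          format: string
        - name: keyId
          in: path
          type: string
          description: Access Token
          required: true
        # NOTE(review): spelled `apiID` here but `api_id` in the other query
        # parameters of this spec; confirm which name the gateway reads.
        - name: apiID
          in: query
          type: string
          description: API ID
          required: true
      responses:
        '200':
          description: Successful token revoked
          schema:
            type: object
            properties:
              key:
                type: string
              status:
                type: string
                enum:
                  - ok
                  - error
              action:
                type: string
                enum:
                  - deleted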
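# Shared schemas referenced from the operations via `$ref`.
# Nesting was reconstructed after the listing lost its indentation. Where a
# nested `properties` block ends cannot be proven from the flat text alone,
# so check the placement of sibling fields against the upstream file before
# relying on it.
definitions:
  OAuthClient:
    type: object
    properties:
      client_id:
        type: string
      # Client secret is part of the response body; treat any response
      # carrying this schema as sensitive.
      secret:
        type: string
      redirect_uri:
        type: string
  OAuthClients:
    type: array
    items:
      $ref: '#/definitions/OAuthClient'
  AccessRights:
    type: object
    properties:
      api_name:
        type: string
      api_id:
        type: string
      versions:
        type: array
        items:
          type: string
  # Session attached to a key: rate limit, quota, access rights and
  # credential data.
  SessionObject:
    type: object
    properties:
      allowance:
        type: number
      rate:
        type: number
      per:
        type: number
      expires:
        type: number
      quota_max:
        type: number
      quota_renews:
        type: number
      quota_remaining:
        type: number
      # NOTE(review): typed as string although the neighbouring quota fields
      # are numbers; confirm.
      quota_renewal_rate:
        type: string
      # Map keyed by an arbitrary string (`additionalProperties`); each
      # entry grants access to one API and its listed versions.
      access_rights:
        type: object
        additionalProperties:
          $ref: '#/definitions/AccessRights'
      org_id:
        type: string
      meta_data:
        type: object
      oauth_client_id:
        type: string
      basic_auth_data:
        type: object
        properties:
          password:
            type: string
          # NOTE(review): '' presumably means the password is stored without
          # hashing (confirm); use bcrypt for stored basic-auth passwords.
          hash_type:
            type: string
            enum:
              - ""
              - "bcrypt"
      jwt_data:
        type: object
        properties:
          # Secret material carried inside the session object.
          secret:
            type: string
      hmac_enabled:
        type: boolean
      hmac_string:
        type: string
      is_inactive:
        type: boolean
      apply_policy_id:
        type: string
      monitor:
        type: object
        properties:
          trigger_limits:
            type: array
            items:
              type: string
      tags:
        type: array
        items:
          type: string
  EndpointMethodMeta:
    type: object
    properties:
      action:
        type: string
      code:
        type: number
      data:
        type: string
      headers:
        type: object
  EndPointMeta:
    type: object
    properties:
      path:
        type: string
      method_actions:
        type: object
        additionalProperties:
          $ref: '#/definitions/EndpointMethodMeta'
  TemplateMeta:
    type: object
    properties:
      template_data:
        type: object
        properties:
          input_type:
            type: string
          template_mode:
            type: string
          enable_session:
            type: boolean
      path:
        type: string
      method:
        type: string
  HeaderInjectionMeta:
    type: object
    properties:
      delete_headers:
        type: array
        items:
          type: string
      add_headers:
        type: object
      path:
        type: string
      method:
        type: string
  VersionDefinition:
    type: object
    properties:
      name:
        type: string
      expires:
        type: string
      global_headers:
        type: object
      global_headers_remove:
        type: array
        items:
          type: string
      global_size_limit:
        type: number
      override_target:
        type: string
      use_extended_paths:
        type: boolean
      extended_paths:
        type: object
        properties:
          ignored:
            type: array
            items:
              $ref: '#/definitions/EndPointMeta'
          white_list:
            type: array
            items:
              $ref: '#/definitions/EndPointMeta'
          black_list:
            type: array
            items:
              $ref: '#/definitions/EndPointMeta'
          cache:
            type: array
            items:
              type: string
          transform:
            type: array
            items:
              $ref: '#/definitions/TemplateMeta'
          transform_response:
            type: array
            items:
              $ref: '#/definitions/TemplateMeta'
          transform_headers:
            type: array
            items:
              $ref: '#/definitions/HeaderInjectionMeta'
          transform_response_headers:
            type: array
            items:
              $ref: '#/definitions/HeaderInjectionMeta'
          hard_timeouts:
            type: array
            items:
              type: object
              properties:
                path:
                  type: string
                method:
                  type: string
                timeout:
                  type: number
          circuit_breakers:
            type: array
            items:
              type: object
              properties:
                path:
                  type: string
                method:
                  type: string
                threshold_percent:
                  type: number
                samples:
                  type: number
                return_to_service_after:
                  type: number
          url_rewrites:
            type: array
            items:
              type: object
              properties:
                path:
                  type: string
                method:
                  type: string
                match_pattern:
                  type: string
                rewrite_to:
                  type: string
          virtual:
            type: array
            items:
              type: object
              properties:
                path:
                  type: string
                method:
                  type: string
                response_function_name:
                  type: string
                function_source_type:
                  type: string
                # NOTE(review): presumably where the endpoint's function
                # code is loaded from; confirm, and only reference sources
                # you control.
                function_source_uri:
                  type: string
                use_session:
                  type: boolean
          size_limits:
            type: array
            items:
              type: object
              properties:
                path:
                  type: string
                method:
                  type: string
                size_limit:
                  type: number
  MiddlewareDefinition:
    type: object
    properties:
      name:
        type: string
      path:
        type: string
      require_session:
        type: boolean
  ServiceDiscoverConfiguration:
    type: object
    properties:
      # NOTE(review): typed as string although the other `use_*` fields in
      # this schema are booleans; confirm.
      use_discovery_service:
        type: string
      query_endpoint:
        type: string
      use_nested_query:
        type: boolean
      parent_data_path:
        type: string
      data_path:
        type: string
      port_data_path:
        type: string
      use_target_list:
        type: boolean
      cache_timeout:
        type: number
      endpoint_returns_list:
        type: boolean
  # Full configuration of one proxied API. It is accepted by the create and
  # update operations and returned by the read operations.
  APIDefinition:
    type: object
    properties:
      id:
        type: string
      name:
        type: string
      slug:
        type: string
      api_id:
        type: string
      org_id:
        type: string
      # NOTE(review): presumably publishes the API without any key check;
      # confirm, and review every definition that sets it.
      use_keyless:
        type: boolean
      use_oauth2:
        type: boolean
      oauth_meta:
        type: object
        properties:
          allowed_access_types:
            type: array
            items:
              type: string
          allowed_authorize_types:
            type: array
            items:
              type: string
          auth_login_redirect:
            type: string
      auth:
        type: object
        properties:
          # NOTE(review): presumably lets the key arrive as a URL parameter
          # or cookie instead of a header (confirm). URL parameters tend to
          # be recorded in logs.
          use_param:
            type: boolean
          use_cookie:
            type: boolean
          auth_header_name:
            type: string
      use_basic_auth:
        type: boolean
      enable_jwt:
        type: boolean
      jwt_signing_method:
        type: string
      jwt_source:
        type: string
      jwt_identity_base_field:
        type: string
      jwt_policy_field_name:
        type: string
      notifications:
        type: object
        properties:
          # Secret value embedded in the definition, so it is also present
          # in responses that return APIDefinition.
          shared_secret:
            type: string
          oauth_on_keychange_url:
            type: string
      enable_signature_checking:
        type: boolean
      hmac_allowed_clock_skew:
        type: number
      definition:
        type: object
        properties:
          location:
            type: string
          key:
            type: string
      version_data:
        type: object
        properties:
          not_versioned:
            type: boolean
          versions:
            type: object
            additionalProperties:
              $ref: '#/definitions/VersionDefinition'
      uptime_tests:
        type: object
        properties:
          check_list:
            type: array
            items:
              type: object
              properties:
                url:
                  type: string
                method:
                  type: string
                headers:
                  type: array
                  items:
                    type: object
                body:
                  type: string
          config:
            type: object
            properties:
              expire_utime_after:
                type: number
              service_discovery:
                $ref: '#/definitions/ServiceDiscoverConfiguration'
              recheck_wait:
                type: number
      proxy:
        type: object
        properties:
          preserve_host_header:
            type: boolean
          listen_path:
            type: string
          target_url:
            type: string
          strip_listen_path:
            type: boolean
          enable_load_balancing:
            type: boolean
          target_list:
            type: array
            items:
              type: string
          check_host_against_uptime_tests:
            type: boolean
          service_discovery:
            $ref: '#/definitions/ServiceDiscoverConfiguration'
      custom_middleware:
        type: object
        properties:
          pre:
            type: array
            items:
              $ref: '#/definitions/MiddlewareDefinition'
          post:
            type: array
            items:
              $ref: '#/definitions/MiddlewareDefinition'
          response:
            type: array
            items:
              $ref: '#/definitions/MiddlewareDefinition'
      cache_options:
        type: object
        properties:
          cache_timeout:
            type: number
          enable_cache:
            type: boolean
          cache_all_safe_requests:
            type: boolean
          enable_upstream_cache_control:
            type: boolean
      session_lifetime:
        type: number
      active:
        type: boolean
      event_handlers:
        type: object
      enable_batch_request_support:
        type: boolean
      enable_ip_whitelisting:
        type: boolean
      allowed_ips:
        type: array
        items:
          type: string
      dont_set_quota_on_create:
        type: boolean
      expire_analytics_after:
        type: number
      response_processors:
        type: array
        items:
          type: object
          properties:
            name:
              type: string
            options:
              type: object
      # NOTE(review): keep `allowed_origins` an explicit list whenever
      # `allow_credentials` is true; a broad origin list would expose
      # authenticated responses cross-origin.
      CORS:
        type: object
        properties:
          enable:
            type: boolean
          allowed_origins:
            type: array
            items:
              type: string
          allowed_methods:
            type: array
            items:
              type: string
          allowed_headers:
            type: array
            items:
              type: string
          exposed_headers:
            type: array
            items:
              type: string
          allow_credentials:
            type: boolean
          max_age:
            type: number
          options_passthrough:
            type: boolean
          debug:
            type: boolean
      domain:
        type: string
      # NOTE(review): typed as string; the name reads like a boolean flag.
      # Confirm.
      do_not_track:
        type: string
      tags:
        type: array
        items:
          type: string
  APIDefinitionList:
    type: array
    items:
      $ref: '#/definitions/APIDefinition'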