API portal, catalogue and policies

Assume I have N APIs

  • Weather API
  • Inventory API
  • … API

I have a single “master” policy that allows the keys to access to all the APIs.

I also have N sets of swagger documents describing the APIs.

However, I’ve noticed that each API catalogue entry requires their own policy, which would mean that I would need N policies, for all N API docs.

And the API key requested would be from the policy rather than the single master policy.

I am wondering are there plans to allow a single policy to be assigned to multiple catalogue entries and open API documentations.


Hi Bill

Are you using tyk on-prem, or Tyk Cloud/Hybrid?

Hi James:

It will be an on prem installation for a large telecom company with multiple business units/divisions.



Hi Bill

In Tyk, a policy comprises access control to 1 or more endpoints, and can be published, along with documentation to the developer portal.

For this reason you can also think of a policy as a “product” - a common use case is to “wrap together” multiple endpoints into a single policy, perhaps price endpoint, image endpoint, description endpoint, etc, all provided by different systems. That policy is then published to the portal, by default with a single swagger doc or similar, as “The Ecommerce API”, providing a simple facade to consumers. We prefer this abstraction, rather than exposing the various legacy systems and APIs you may have on a 1-to-1 basis.

With an on-prem install, you can adjust the portal templates (you have full acccess) or alternatively use the Portal APIs and simply add the portal signup/self-service functions to your preferred web-platform (Open source options I know of include a wordpress plugin, a custom ruby portal, etc)

I’m not sure I fully get your use case, but perhaps by customising the portal and considering the usage of policies in this way, you will be able to achieve what you require?