I’m working on a custom developer portal that’s not backed by tyk-dashboard/portal templates. So, it’s a separate process, developed within the React ecosystem.
My question is about authentication implementation and maybe all APIs of TYK in general. Many features (listing the catalog items, providing forms to request keys, login, register, and so on) were rather easy to implement when I was using built-in templates that came in tyk-dashboard/portal. However, now, I am not sure how they should be implemented as I feel somewhat lost in the docs. If we particularly talk about the login action, the closest endpoint I could find to what I need is
/api/portal/developers/verify_credentials. However, I feel conflicted with that endpoint due to the following thoughts in my mind;
- It only responds with “OK” or “Unauthorised” without providing any token that can be used on behalf of the verified developer. So, I understand that this is only for the verification of the provided credentials. That cannot be consumed for any further purposes. So, to my understanding, there is no endpoint to provide this functionality to a fully custom portal? Or, I must have overlooked it.
- It requires an authorization header in the request, which is stated as TYK_API_KEY in many places. However, I couldn’t figure out what it should be in the end.
Maybe some straight questions;
- What is TYK_API_KEY? How can I retrieve it? I’m curious if it’s a dashboard user’s API key or so? It does not sound like a key that I can publicly use in the network requests on the browser level.
- I need many endpoints to achieve what tyk-dashboard/portal is achieving out of the box. I see “TYK APIS” sections on the docs could be beneficial to me. However, I’m not satisfied with how the APIs and their endpoints are demonstrated as it seems none of them can be publicly consumed.
Any help is much appreciated.