Having a hard time understanding the usage model from a developer perspective

We have set up Tyk 2 but now we are having a hard time understanding how it is supposed to be used. I think the best way to make my point is starting by trying to explain how we would expect an API manager to work and then explain what gaps we find in Tyk. Maybe it’s our misunderstanding or a misconfiguration, but certainly we need some clarification on some key usage scenarios.

As an API provider, I would expect to be able to create APIs, configure their supported authentication methods (in our case we are trying to work with the oauth2 client credentials grant), publish them to the public and monitor usage. All these things I can do, except we haven’t been able to make the client credentials grant work.

As an API consumer, I would expect to register in the portal, register and manage my oauth clients for different available APIs and monitor my API usage.

Here come most of our troubles, because it seems that developer accounts in the developer portal can’t do much but view the documentation and test the API.

This raises some questions.

How can an API consumer user register oauth clients? Does it have to be done by the API provider admin through the dashboard?

How can an API consumer user monitor his usage? Does the API provider admin have to create a user on the dashboard with certain privileges to allow this use case? Is this even supported?

What is the API key the developer receives on sign up for? Where can he get a client id and secret to implement a client credentials flow?

Thanks in advance for your support!

Currently the Tyk developer portal does not support self-registered OAuth clients by third-party devs; only bearer tokens as a security mechanism and basic auth are supported for self-signup.

:slight_smile:

Hi Martin,
Thanks for your prompt response. I do still have a few outstanding questions.

  1. Does Tyk fully support all OAuth2 flows? And more specifically the client credentials grant?
  2. If I were to issue credentials for an OAuth flow, I understand I must do it from the dashboard. What would be the preferred way to send/give access to the issued credentials to the API consumer? Can this be done by creating a user in the dashboard and giving it scoped access to some dashboard capabilities?

Thanks!

Yes, but not in the developer portal.

This is the OAuth flow in Tyk you can use:

https://tyk.io/tyk-documentation/security/your-apis/oauth-2-0/