I want to have logs of administrative actions, like adding a new route or modifying an existing one, so that I can look back and see how changes were made. For my own added routes I can add middleware that handles logging, but how do you do this for the built in tyk api end points?
This exists for the Tyk Dashboard API where all administrative actions can be audited with the full payloads recorded, this was added in v1.3.5:
Audit log
Now you can enable audit log by setting
security.audit_log_pathconfiguration option. It will log all user actions and responses statuses to it. Security information like password gets removed from this log.
You need to set this option in your tyk_analytics.conf file, docs for this file are here
I’m looking for something like that on the gateway, not the dashboard.
The gateway doesn’t have this kind of audit trail - it’s a dashboard feature. If you integrate against the dashboard management api instead of the gateway one then you can audit everything.
Since the gateway, without the dashboard (community edition), uses files exclusively for its route config, I’d suggest using source control to track changes and only use the gateway api for tokens and reading configs, instead of writing them.