How to: Connect Tyk API Gateway to REST APIs

Hi - I’m new to Tyk and API Gateway and I’m trying to learn how to connect Tyk gateway to a REST API with the security required, an authentication with Auth0 and then transforming it to a JSON web token to send to the API. In effect, implementing this article: https://blog.kloia.com/using-tyk-io-and-jwt-io-on-stateless-microservice-authentication-d7e6985b97bd

My REST APIs are NodeJS-based applications implemented with simple JSON web token security on Heroku.

Could anybody point me to good article(s)/documentation explaining how to do it? Sad to say, after a few hours of searching, besides a few configurations that keep refusing my connections, I’m still nowhere and don’t even know where to continue next!

Thanks in advance!

As a note:
Using Tyk Cloud
Using Auth0 cloud.
Trying to connect to Heroku NodeJS REST API applications.

Hi Martin,

We’re looking into this for you. :+1:

In the meantime, have you followed any of our guides here: https://tyk.io/docs/?
Do you have any errors during your setup process, and can you share your API definition please?

Nick @ Tyk

Hi Martin,

To add to Nick’s reply, you may also find this blog post useful.

Thanks,
Kos @ Tyk Support Team

First, thanks a lot for the quick responses!! “Rookie questions” usually get no answers on other forums so thanks and congrats on that! :slight_smile:

Regarding the API definition, since this is a really simple personal project used to learn API Gateway, I don’t have full documentation for it (maybe that will be my next learning step). However, I’m copying my list of API calls from Postman (as an image) so you can see the structure (I believe it should be fairly easy for you to deduce the rest - let me know if not). To sum up:

  • URI-CLTACCT is the first API micro-service, managing users and accounts.
  • URI-TXN is the second API micro-service, managing only transactions.

Note: they both use JSON web token with different secrets.

From there, I want to implement a Tyk API Gateway managing the security, etc. for all API micro-services (in other words, all the advantages of the API gateway).

I had already followed the blog post suggested by Kos to add Auth0 and the “Auth0 Tyk API” is there but not sure what to do from there to connect it to the rest.

So far, I have the 2 “Tyk API” as follows:

Now, that’s where I’m a little confused; following the previous article I mentioned, how to create my token (in a test/Postman scenario) with Auth0? I’m reading up on that right now… But once figured out, how to make a request using Postman to the tyk.io URI which will forward to the URI-CLTACCT micro-service while transforming the token to the user’s appropriate JSON web token and to the right path on the micro-service? I feel this is basic API Gateway stuff but somehow, I can find how to do it or if I’m completely wrong the way I go about it… For example, a smaller item, is my API definition/specification/design correct to have the “staging” in the URL for the test environment?

Again, thanks for the answers!

You will need to configure Auth0 to use OpenID Connect (basically generate an id_token). When you go through the Auth0 login flow, you will get an access token, etc. and an id_token.

With Postman, just use the header format:

Authorization: Bearer {id_token_here}

Your API will need to be configured to use OpenID Connect, and have your Auth0 endpoint and client app as a valid IDP.

You can find the Auth0 IDP URL and the Auth0 Client ID in the actual ID Token if you decode it with https://jwt.io: the IDP is the iss claim, and the client ID is the ‘aud’ claim.
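
The same lookup can be done locally in Node, so the token never leaves your machine. This is an added example, not part of the reply above and not Tyk or Auth0 code; `inspectIdToken` is a hypothetical helper, and the sample token, tenant URL and client ID are constructed placeholders. It only decodes the token and does not verify the signature.

```javascript
// Decode an OIDC id_token locally to read the iss and aud claims.
// Decoding is not verification: the signature is not checked here.
const decodeSegment = (seg) => JSON.parse(Buffer.from(seg, 'base64url').toString('utf8'));
const encodeSegment = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64url');

function inspectIdToken(token, nowSeconds = Math.floor(Date.now() / 1000)) {
  // Accept either the raw token or a pasted "Bearer <token>" header value.
  const parts = token.trim().replace(/^Bearer\s+/i, '').split('.');
  if (parts.length !== 3) {
    throw new Error('expected header.payload.signature');
  }
  let header, claims;
  try {
    header = decodeSegment(parts[0]);
    claims = decodeSegment(parts[1]);
  } catch (err) {
    throw new Error('header or payload is not base64url-encoded JSON');
  }
  if (!claims || typeof claims.iss !== 'string' || claims.aud === undefined) {
    throw new Error('no iss/aud claim: probably not an id_token');
  }
  return {
    alg: header?.alg,
    issuer: claims.iss, // the IDP URL to register on the gateway
    // aud may be a single string or an array of client IDs.
    clientIds: Array.isArray(claims.aud) ? claims.aud : [claims.aud],
    expired: typeof claims.exp === 'number' ? claims.exp <= nowSeconds : null,
  };
}

// Constructed sample token (placeholder tenant, client ID and signature).
const SAMPLE_TOKEN = [
  encodeSegment({ alg: 'RS256', typ: 'JWT' }),
  encodeSegment({
    iss: 'https://example-tenant.auth0.com/',
    aud: 'EXAMPLE_CLIENT_ID',
    sub: 'auth0|constructed-user',
    exp: 2000000000,
  }),
  'constructed-signature',
].join('.');

console.log(inspectIdToken(SAMPLE_TOKEN));
```

If `expired` comes back `true`, a rejected request in Postman is likely the token's lifetime rather than the gateway configuration.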