Hi, I am using Tyk for the first time. Previously I explored Kong, and I know that Kong has this ACL plugin where it restricts access to a Service or a Route by adding Consumers to allowed or denied lists using arbitrary ACL groups.
I am just wondering is it possible to achieve this ACL function in Tyk? Like I want to restrict this user 1 to access only certain API only (like API A & B), and another user 2 can only access API ( let’s say API C only).
Hi @maantarng, welcome to the community and thanks for taking the time to explore Tyk.
From what I have skimmed through about ACL in Kong, I don’t think Tyk has a one to one matching.
However, if you want to restrict user 1 to access API A and B but want user 2 to only access API C, then you can do that with the access rights section in Keys.
"access_rights": {
"<API ID>": {
"allowance_scope": "",
"allowed_urls": [
{
"url": "/deny",
"methods": [
"GET"
]
}
],
"api_id": "<API ID>",
"api_name": "<API NAME>",
"limit": {
"max_query_depth": -1,
"per": 60,
"quota_max": -1,
"quota_remaining": 0,
"quota_renewal_rate": -1,
"quota_renews": 0,
"rate": 3,
"throttle_interval": -1,
"throttle_retry_limit": -1
},
"restricted_types": [<FOR GRAPH QL USE CASE IF I CAN REMEMBER CORRECTLY>],
"versions": [
"2.0.0"
]
}
}
You can also use policies for more complex scenarios. We have a writeup explaining the concept on partition policies with a few examples and use cases.
Considering you are still exploring, this thread may shed some light if you have questions about the relationship between API, Keys and Policies
Hi Oluwaseye Ayinla,
Thanks for your help and information.
Regards,
Maan Tarng