Relationship between organisation, policy and key (session token)


#1

This is the description of Organisation Quotas in the Tyk docs: “It is possible to force API quota limiting across all keys that belong to a specific organisation ID”
https://tyk.io/docs/tyk-api-gateway-v-2-0/tyk-gateway-rest-api/organisation-quotas/
I just want to know how it works.


#2

Hi LichKin, an organisation is an isolated unit and contains its own tokens and policies. You may find these links useful:

You’ll need to create an organisation key (see “Create Org Keys”) and specify your organisation ID, then update the quota from there. These parameters will be used when your request is processed.

Also make sure the enforce_org_quotas setting is enabled in your Tyk configuration file (tyk.conf).
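
The two steps from the reply above (enable enforce_org_quotas, then create an org key that carries the quota), as an added shell example that is not part of the thread and is not Tyk's own code. The /tyk/org/keys/{org_id} endpoint, the x-tyk-authorization header and the session field names follow the Tyk Gateway REST API and should be checked against your gateway version; the environment variable names and quota numbers are assumptions made for illustration.

```shell
#!/usr/bin/env bash
# Added example: organisation-wide quota on a Tyk gateway without a dashboard.
# TYK_GW, TYK_SECRET, TYK_CONF, ORG_ID and the quota values are hypothetical.

# Succeeds only if the given tyk.conf enables organisation quota enforcement.
org_quotas_enforced() {
  grep -Eq '"enforce_org_quotas"[[:space:]]*:[[:space:]]*true' "$1"
}

# Print the org session object: quota_max requests per renewal_secs seconds.
# The org ID ends up in JSON and in a URL path, so only a safe charset is accepted.
org_quota_payload() {
  local org_id=$1 quota_max=$2 renewal_secs=$3
  case $org_id in
    ''|*[!A-Za-z0-9_-]*) echo "invalid org id" >&2; return 2 ;;
  esac
  printf '{"org_id":"%s","quota_max":%d,"quota_remaining":%d,"quota_renewal_rate":%d}\n' \
    "$org_id" "$quota_max" "$quota_max" "$renewal_secs"
}

# POST the session object to the gateway's org-key endpoint.
set_org_quota() {
  local gw=$1 secret=$2 org_id=$3 body
  body=$(org_quota_payload "$org_id" "$4" "$5") || return 2
  curl -sS --fail -X POST "$gw/tyk/org/keys/$org_id" \
    -H "x-tyk-authorization: $secret" \
    -H 'Content-Type: application/json' \
    --data-binary "$body"
}

# Contact a gateway only when the operator supplies one.
if [ -n "${TYK_GW:-}" ] && [ -n "${TYK_SECRET:-}" ]; then
  # Refuse to continue if the gateway would ignore the org quota.
  org_quotas_enforced "${TYK_CONF:?path to tyk.conf}" || {
    echo "enforce_org_quotas is not true in $TYK_CONF" >&2
    exit 1
  }
  # Constructed values: 10000 requests per 86400 seconds (one day).
  set_org_quota "$TYK_GW" "$TYK_SECRET" "${ORG_ID:?organisation id}" 10000 86400
fi
```
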


#3

Thanks a lot!
Actually, I want to know the relationship between organisation, policy and key in the Tyk gateway without a dashboard. That is, how does an organisation manage the quotas of keys that belong to the same org_id?
In my view, the priority of the quota policy is organisation > policy > key.
I hope for a much clearer explanation.


#4

Hi @LichKin,

The dashboard is actually the only thing that cares about and enforces OrgID ownership rules; the gateway has very flat rules. I think it is only affected in the policy, where the API ownership ID is checked to ensure that a mixed policy is not being introduced; otherwise there is no real relationship between these IDs.

The reason being that the gateway should be a “dumb proxy”, with a simple and flat management surface, while the dashboard imposes a more structured ACL and ownership structure.

Hope that helps.

M.