Hi,
Is there a REST api to know number of requests made to an API using a key or by an oauth client.
Thanks,
Arghya
Hi @arghya88,
Unfortunately there isn’t an easy way to do this with the Dashboard API at the moment. The GET request that the Dashboard itself makes when displaying this data for requests sent between 03/01/16 and 11/04/17 is as follows:
curl -X GET -H "Authorization: {{Auth Token}}" -H "Cache-Control: no-cache" "http://localhost:3000/api/activity/keys/{{hashed key}}/3/1/2016/11/4/2017"
However, this request would require you to hash the key ID using Murmur3 encryption first which is somewhat counter-intuitive. There are plans to improve this aspect of the Dashboard API in a future release, however.
Kind regards,
Jess @ Tyk
It’s worth noting that the reason the hash is used and not the raw token is because exposing the token itself in this way would be very insecure. So bybdefault we dont ship with that configuration.
It is possible to set up Tyk to not use hashes at all, you simply disable it in the tyk.conf and tyk_analytics.conf (you’ll need to start over - the two modes are not compatible)
However, in this mode your users tokens, and associated metadata are stored in clear text in redis and in mongodb, any breach would expose your entire key set and you run the risk of leaking secure data through logs in proxies when making rest calls for data.
We don’t recommend running in this mode unless you have isolated your data sources well and are only interacting with the dashboard via a secure env on a secure client.
We’ll be extending the dashboard search feature to support token aliases - this should make it easier to search through hashed keys securely.