Restrict API traffic to the web service

I would like to use Tyk Cloud as an API gateway for the API, which is deployed on Azure.
I would like to restrict access to the API on Azure, and it should only be from Tyk.
How can I achieve this?

My initial thoughts were to put an IP restriction.
Is this the right approach?
Can I get the IP address or range of IP addresses to implement this restriction?
Is there a better approach than IP-based restriction?

I scanned the documentation of Tyk but could not find any reference to this scenario.
I guess my requirement is a valid requirement, so as not to bypass the API management layer / gateway.
Requesting anybody who has implemented Tyk to share some thoughts.




The best way for you to achieve this would be using mutual TLS to secure the path between your upstream and the Tyk Cloud Gateways.
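
The upstream side of the mutual TLS setup suggested above, as an added example (not part of the original answer and not Tyk's code): a Python server that refuses any TLS handshake without a client certificate signed by the expected CA, then pins that certificate's SHA-256 fingerprint. It assumes the upstream terminates TLS itself; the file paths, port and pinned fingerprint are placeholders.

```python
import hashlib
import hmac
import ssl
from http.server import BaseHTTPRequestHandler, HTTPServer

# Placeholder: SHA-256 fingerprint (hex) of the client certificate the gateway presents.
PINNED_SHA256 = {"<sha256-of-gateway-client-cert>"}

def fingerprint(der_cert: bytes) -> str:
    """SHA-256 over the DER-encoded certificate, as lowercase hex."""
    return hashlib.sha256(der_cert).hexdigest()

def is_pinned(der_cert, pinned=PINNED_SHA256) -> bool:
    """True only if a certificate was presented and its fingerprint is allow-listed."""
    if not der_cert:
        return False
    fp = fingerprint(der_cert)
    # Accept pins written as "AB:CD:..." or "abcd..."; compare in constant time.
    return any(hmac.compare_digest(fp, p.lower().replace(":", "")) for p in pinned)

def build_context(server_cert, server_key, client_ca) -> ssl.SSLContext:
    """Server context that fails the handshake unless the client cert chains to client_ca."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.load_cert_chain(server_cert, server_key)
    ctx.load_verify_locations(cafile=client_ca)
    ctx.verify_mode = ssl.CERT_REQUIRED  # no certificate, no connection
    return ctx

class Handler(BaseHTTPRequestHandler):
    def do_GET(self):
        # The handshake already proved possession of the key; now pin the exact cert.
        der = self.connection.getpeercert(binary_form=True)
        ok = is_pinned(der)
        self.send_response(200 if ok else 403)
        self.end_headers()
        self.wfile.write(b"ok\n" if ok else b"forbidden\n")

def serve(server_cert, server_key, client_ca, port=8443):
    """Run the upstream; every accepted connection has passed client-cert verification."""
    httpd = HTTPServer(("0.0.0.0", port), Handler)
    ctx = build_context(server_cert, server_key, client_ca)
    httpd.socket = ctx.wrap_socket(httpd.socket, server_side=True)
    httpd.serve_forever()
```

Pinning the fingerprint on top of CA validation means a different certificate issued by the same CA is still rejected; the pin has to be updated whenever the gateway's client certificate is rotated.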