Single service catalogue with multiple swagger docs

I’m listing this under ‘new features & feature requests’ but maybe i’m just doing it wrong…

I’ve just starting playing with Tyk.

I’ve installed the gateway and the dashboard.

I have many api microservices that i want to front with tyk.

For example, let’s say I have:


Each endpoint above is a microservice with its own swagger definition.

I want to allow access to some of these endpoints to different groups with an Auth token. Let’s say I want ‘vendor’ to have access to all and ‘public’ to have access to /status and /join

I have added each api by importing the swagger definition.

I have then created two policies. One for vendor and one for public. The policies have the appropriate access rules to each api.

The next thing i’ve done is enable the developer portal and create a collection. Here is where things get unstuck.

Let’s take the vendor collection. I want one collection that has the policy configured for access to everything. This allows the vendor to create one access key in the portal and then use it to access all the APIs. The problem is that I can only define a single swagger endpoint as documentation. I want the vendor to see the swagger doc for all the microservices.

If i create a collection for each microservice then great, the vendor can now see doc for everything but they also then have to create a separate api key for access to each endpoint which is not what i want.

Am i setting things up in the right way? If so, how can i get all my swagger docs under the one collection?

This is a common problem with swagger and the portal - policies let you group apis into logical products and facades, but swagger docs tend to be generated from source code - and so won’t match the facade, but instead just match the individual service.

Since the portal actually just exposes access to a policy, it uses a separate swagger file to enable the sandbox GUI.

The trick is to merge the swagger docs for the portal for the apis that are being granted access to.

We may change this in future, but since it’s a one-to-many relationship there scope could be quite large, since we would need to merge / generate a meta swagger document based on linked ones.

Tl;dr - merge the swagger docs for the apis being published to the portal and attach that to the catalogue entry in order to make the docs be relevant for the underlying policy ACL.