Tyk Cloud v0.9.9.x

The Tyk Cloud stack has now been updated to the latest version of the software. Key changes in this version to be aware of:

  • Limited multi-target support on a per-version basis; you can see this in the versions section of your API. Round Robin LB and Service Discovery are not supported.
  • Centralised JWT keys are now supported: you can now set a single shared secret on an API to validate inbound requests.
  • Centralised JWT keys need an identity field that identifies the user within the claims of the JWT; this falls back to sub if not found. This field forms the basis of a new “internal” token that is used after validation, which means policy attributes are carried forward through Tyk for attribution and throttling.
  • Centralised JWT keys also need a policy field name, which sets the policy to apply to the internal key.
  • JWT headers now support “Bearer xxxx”-style auth headers
  • HMAC authentication now supports an alternate header (x-aux-date) for clients that do not provide a date header; this header is checked first, before reverting to the Date field.
  • Added more default tags for better segmentation: key-{key-id}, org-{org-id} and api-{apiid} can now be used as tags to lock down the analytics filter in the dashboard.
  • HMAC support rewritten and updated to the latest spec (v5). This is a potential breaking change, as date headers are no longer base64 encoded.
  • HMAC: request-target now supported
  • HMAC: headers signature field is now supported (this means Digest can be included)
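
The centralised JWT flow described in the bullets above (shared secret, identity field with fallback to sub, policy field, "Bearer" prefix) can be sketched as follows. This is an added illustration, not Tyk's own code: the claim names `user_id` and `policy_id`, the function names, the sample secret, and the choice to reject tokens with no policy claim are all assumptions, and expiry checks are left out.

```python
import base64
import hashlib
import hmac
import json

def _b64url_decode(part: str) -> bytes:
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def _b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def make_sample_token(claims: dict, secret: bytes, alg: str = "HS256") -> str:
    """Build a constructed sample token for the demo (hypothetical helper)."""
    head = _b64url_encode(json.dumps({"alg": alg, "typ": "JWT"}).encode())
    body = _b64url_encode(json.dumps(claims).encode())
    mac = hmac.new(secret, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{_b64url_encode(mac)}"

def resolve_identity(auth_header: str, secret: bytes,
                     identity_field: str = "user_id",    # assumed claim name
                     policy_field: str = "policy_id"):   # assumed claim name
    """Verify the token with the shared secret, then return (identity, policy)."""
    token = auth_header.strip()
    if token[:7].lower() == "bearer ":           # accept "Bearer xxxx" headers
        token = token[7:].strip()
    head, body, sig = token.split(".")           # ValueError unless 3 parts
    header = json.loads(_b64url_decode(head))
    # Pin the algorithm: the token must not be able to pick "none" or another scheme.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise ValueError("unexpected alg")
    expected = hmac.new(secret, f"{head}.{body}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(sig)):  # constant-time compare
        raise ValueError("bad signature")
    claims = json.loads(_b64url_decode(body))    # trusted only after verification
    identity = claims.get(identity_field) or claims.get("sub")  # fall back to sub
    policy = claims.get(policy_field)
    if not identity or not policy:               # assumption: reject rather than default
        raise ValueError("token lacks identity or policy claim")
    return str(identity), str(policy)

if __name__ == "__main__":
    secret = b"constructed-shared-secret"        # constructed sample value
    token = make_sample_token({"sub": "bob", "policy_id": "p2"}, secret)
    print(resolve_identity("Bearer " + token, secret))
```

The returned pair is what an internal key would be built from: the identity for attribution and throttling, the policy for the rules to apply.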

If you experience any issues with your Tyk Cloud configuration, please let us know as soon as possible.

Martin & The Tyk Team.