Tyk Release V4.3 IS HERE!

Hello Tyk Community! :raised_hand:

:fire: :rocket: Tyk 4.3 :fire: :rocket: is live and packed with some exciting new features. You can find the detail of what is in this release here

:rocket: Highlights

  • Adds API versioning to the Dashboard UI OAS API Versioning , including:

    • Performing CRUD operations over API versions
    • Navigate seamlessly between versions
    • A dedicated manage versions screen
    • easily identify the default version and the base API.
  • Dashboard API Import

    • Importing OpenAPI v3 documents in order to generate Tyk OAS API definition is now fully supported in our Dashboard UI
  • Tyk OAS API Definition - Mock responses

    • Does your Tyk OAS API Definition define examples or a schema for your path responses? If so, starting with Tyk v4.3, Tyk can use those configurations to mock your API responses, enabling your teams to integrate easily without being immediately dependent on each other.
  • External OAuth - 3rd party OAuth IDPs integration

    • If youโ€™re using a 3rd party IDP to generate tokens for your OAuth applications, Tyk can now validate the generated tokens by either performing JWT validation or by communicating with the authorisation server and executing token introspection
  • Improved GQL security

    • Ability to turn on/off introspection - this feature allows much more control over what consumers are able to do when interacting with a GraphQL API. In cases where introspection is not desirable, API managers can now disallow it. The setting is done on API key level, which means API providers will have very granular control over who can and who cannot introspect the API.
    • Support for allow list in field-based permissions - so far Tyk was offering field-based permissions as a โ€œblock listโ€ only. That meant that any new field/query added to a graph was by default accessible for all consumers until API manager explicitly blocked it on key/policy level. Adding support for โ€œallow listโ€ gives API managers much more control over changing schemas and reduces the risk of unintentionally exposing part of the graph that are not ready for usage
  • Expanded GQL subscriptions protocol support:

    • two Websocket implementations supported: graphql-ws and graphql-transport-ws
    • and SSE (Server-Sent Events)
  • Middleware allowing to create persisted GQL queries with just a few lines of configuration in API definition

:tools: Bug fixes and minor changes

:pencil: Installation/Upgrade instructions
Tyk installation and knowledge guide: Tyk Self-Managed

:speech_balloon: Feedback
Donโ€™t forget to star us on Github and Artifacthub!