Current issue: We are getting a few support requests about people not knowing the difference between their dashboard account and Tyk account portal account. They use the same password, when sometimes they are only a dashboard user, and not the Tyk account owner.

As a user:

• I want to know how each system is different (Tyk account portal, dashboard, developer portal)
• I want to know which details I need to login with

Most of our documentation for the Tyk Identity Broker seems to only appear in the wiki for its Github repo and not in our official docs. I think it might be a good idea to move this information across so that all of our documentation can be found in the same place.

It's also worth noting that some of this information already appears on the site (e.g., the contents of this page can be found here) so we will want to avoid adding duplicate information.

Setup assumes default python interpreter will be a python2.
/docs/get-started/with-tyk-on-premise/installation/docker/docker-quickstart/

For each Tyk component, plus recommendations for dependancies Redis and MongoDB

While investigating an issue with RHEL setup, I've found that the step 3 in our guide is broken, it's here.

This URL is returning 404.

$ wget http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-8.noarch.rpm

Enhancement proposal:

At the moment users can only download the Gateway Environment Variables as xlsx.
We could create a page for it as well as for the Dashboard and Pump which they have their own environment variables

As per the clustered Redis docs (https://tyk.io/tyk-documentation/configure/configure-redis-cluster/), provide similar for MongoDB.

May only require guidance on correct connection string usage when using a Redis cluster.

json format specs can be put here and a link can be given

Currently, this functionality described only as few configuration options on https://tyk.io/docs/configure/tyk-gateway-configuration-options/#control_api_hostname page, and it definitely deserves more attention.

Very important that control_api_hostname will not work without enable_api_segregation turned on (but control_api_port will). This may change in future.

Along with the Dashboard v1.4 release.
Under https://tyk.io/tyk-documentation/tyk-dashboard-api/portal-developers/ create a new snippet and add new content with images for the new functionality.

We should check whether we can happily upgrade to the new release of Hugo. Release Notes are available from https://gohugo.io/news/0.27-relnotes/

There should be reference to apps folder json definitions.
/docs/configure/tyk-gateway-configuration-options/

More info can be found on Trello

For MongoDB and Redis storage.

E.g. How many GB per million requests?

See https://community.tyk.io/t/size-estimates-for-redis-and-mongodb/1047/2

How many instances required for standard setup?

Martin recently provided a response related to this:

Gateway Nodes:
Memory: 4GB
Storage: Minimal (not dependent for application)
CPU: 4 Cores

Dashboard nodes:
Memory: 2GB
Storage: Minimal (not dependent for application)
CPU: 2 cores

Pump Nodes:
Memory: 2GB
Storage: Minimal (not dependent for application)
CPU: 2 Cores

Redis:
Memory: 7-8GB
Storage: 500GB SSD (if persistence enabled)
CPU: 2 Cores minimum

MongoDB:
Memory: 8GB or more
Storage: 3TB SSD
CPU: 2 Cores

The gateway sizing here is very generous, 1 2GB/2 core node could probably handle 2k TPS but it may run “hot”.

Regarding the deployment of Redis, for HA most of our customers opt for Redis Cluster as opposed to Redis+Sentinel as it’s a little easier to set up.

As for data retention, 2 years of data is possible, but at that transaction rate it will generate a lot of data quickly. We’ve sized Mongo’s HD to handle a large amount of data, but would recommend that we provide data management strategies so that they do not need resizing in the future – there are strategies that can be used to ensure that high-level data is retained and granular data is more short-lived.

As a user I should be able to see what the middleware execution rules are, since I don't want to have to go through the code to do so.

Ensure that the new multi-policy feature is documented before release

Add the above section.
More info can be found on weDocs

One of our users figured out how to install Tyk on Docker cloud platform. We may be interested in putting this in our docs:

https://community.tyk.io/t/cannot-connect-to-my-webservice-when-creating-new-api-upstream-host-lookup-failed/1358/3

Docker Quickstart guide on https://tyk.io/tyk-documentation/get-started/with-tyk-on-premise/installation/docker/docker-quickstart/ needs to be replaced with : https://github.com/TykTechnologies/tyk-pro-docker-demo

This script doesn’t take the port into consideration, it would be nice to mention that, also what to do if one configured the gateway with custom port (as it is the example).
/docs/configure/tyk-dashboard-configuration-options/

See Community Post - https://community.tyk.io/t/tyk-ignore-plugin-and-adding-headers-to-the-request/1355

1. Support for custom error messages in middleware using return overrides TykTechnologies/tyk#986. Basically, it is an extension to https://tyk.io/docs/customise-tyk/plugins/rich-plugins/rich-plugins-work/ ReturnOverides section. It currently points to the Github pull request, and instead, python code should be embedded to the docs itself (without manifest file).

2. Added new proxy_default_timeout option to the Gateway, which specifies default timeout for the request to upstream API.

3. Added new Dashboard API to verify developer credentials: /portal/developers/verify_credentials: with payload like {"username": , "password": }. Should return HTTP code 200 in case of success or 401 if credenials do not match.

4. Extending Tyk section should somehow tell that it is possible to build completely custom developer portal, pointing to this tutorial https://github.com/TykTechnologies/tyk-custom-portal. It is up to you if you would like to move all the documentation to page in docs, and we refer it from repo readme. Also, we can embed screencast right into the docs page.

If the above header is not included in the cURL request, it fails with the following error {"status":"error","error":"Request malformed"}

@marksou ping me if you need more information

What it is, how it works, basic usage.

Parent - Customise Tyk

We should create a feature table that compares the different flavours of Tyk (Cloud, Hybrid and On Prem). Especially, what can and can't be done with each.

To configure a separate control API port you may set the control_api_port field in tyk.conf
See: TykTechnologies/tyk#423 (comment)

The signatureString requires newlines, but the are not properly shown (escaped) in the go-snippet. It would also be very helpful to have a sample (valid) request + keys + headers (with some debugging values of the intermediate values) which can be used to validate your own implementation.
/docs/security/your-apis/hmac-signatures/

currenlty the only place mentioning Tyk statsd integration is this release announcement post https://community.tyk.io/t/new-tyk-release-now-available/1302

For typical deployments.

Include basic and HA.

We recently received a ticket regarding issues a user had had following our documentation on how to setup social media account access to the Dashboard (see here). Can the following points please be clarified in our docs?:

1. How would users go about adding a login with Google or login with Facebook button to the developer login page?
2. What should users fill in the Client ID field?
3. What exactly is the Profile Setup process?
4. Does this require the Tyk Identity Broker?

1. Add new context variable request_id to https://tyk.io/tyk-documentation/transform-traffic/request-headers/#request-headers-context-variables. Now we can inject request correlation ID (for example X-Request-ID), for example: "X-Request-ID":"$tyk_context.request_id". Here is example of global_headers` with context variables TykTechnologies/tyk#713. It probably make sense to extend docs with this example.

2. Coprocess middleware (Python, Lua, gRPC), now able to override response code, headers and body using ReturnOverrides. See TykTechnologies/tyk#763 the usage.

3. Password reset
   Added ability to reset user passwords.
   By default user can reset only his own password.
   Add a new permission ResetPassword, but it can be granted only via the admin API using following new endpoints: /admin/users/:userId/actions/allow_reset_passwords /admin/users/:userId/actions/disallow_reset_passwords. You need make request using PUT HTTP method
   Example: curl -X PUT -H "admin-auth: <your secret>" http://<dashboard>/admin/users/:userId/actions/allow_reset_passwords

4. Password recovery
   Now it's possible for users to recover dashboard password using email. To enable this feature to ensure that you configure email https://tyk.io/tyk-documentation/configure/outbound-email-configuration/. Do not forget about new email_backend.dashboard_domain option which should be your public dashboard hostname.

5. Added support for Mongo SSL protocol for both Dashboard and Pump, using new mongo_ssl_insecure_skip_verify and mongo_use_ssl boolean variables

6. Dashboard session timeout now configurable using dashboard_session_lifetime (seconds) option and reduced to 1 hour by default.

We need to add how to upgrade the Hybrid Gateway to the latest version. See https://support.tyk.io/helpdesk/tickets/1047 for details

We have some hidden docs right now for the Heroku deployment button for Tyk Hybrid. There a few holes in the docs that we need to update for a more comprehensive guide.

• Add more detail in docs around what happens after deployment on Heroku
• Add link to the Heroku dashboard from the docs (probably to the bit describing what happens after deployment)
• Explain they need to create an API in Tyk dashboard before clicking “Open app” in Heroku (link to Tyk dashboard from docs)
• Review the page content of the page that “View” in the Heroku dashboard links to after deploying, to make it more user friendly. e.g. it links here currently: https://tyk.io/docs/get-started/with-tyk-hybrid/tutorials/ which I think is confusing. It mentions Heroku on this page (but that is another user's contribution).

How to import legacy APIs, Keys etc

See trello for more info as well

Need to define the reasons for this issue:

• Whitelist
• Blacklist
• If ACL defined which includes paths

Feedback from the docs states:
The example elastic search configuration shows the url as “hostname:port” (“localhost:9200”,) whereas it should be “http://hostname:port”. Setting up Elastic search without the http causes an error to occur.

Page in question is: /docs/analyse/other-data-stores/#elasticsearch

Can someone confirm and I'll update the example.

We should add target="_blank" to our URL links, especially to external sites (GitHub, etc). This would prevent the use losing their place in the docs.

List of supported types.

Parent - Customise Tyk

Do we recommend any housekeeping Tyk?

Log rotation?

See following Forum post
https://community.tyk.io/t/unable-to-get-rewrite-working/1607/5

See also:
https://community.tyk.io/t/url-rewriting-not-working/1415

Add the above section.
More information can be found at it's own section in weDocs

The post mentions session_expiry, but it is not clear where you must adjust that field. In api definition? In the session when you create the token?
https://tyk.io/tyk-documentation/security/your-apis/token-expiry/

This old page contains the old documentation https://tyk.io/docs/tyk-api-gateway-v1-9/importing-apis/, which can be the basis of a new page.

Also, re (check Trello board), we need to explain that importing an API definition using Swagger will result in a whitelist, so if the paths are not exactly right it will result in errors.