This is a repository that contains examples of Tyk Plugins. A Plugin is a custom middleware that is injected into the API request lifecycle, which further complements the built-in Tyk functionality such as authentication & rate limiting.
Here's the different phases you can inject plugins in the request lifecycle. A response plugin is also possible.
| Language | Phase | Description | Link |
|---|---|---|---|
| Golang | Pre | Injects client certificate attributes as a Header | Link |
| GoLang | Post-Auth | OAuth2 Introspection | Link |
| GoLang | Post-Auth | Authorizes request against OPA | Link |
| Golang | Post + Auth | Dummy one to test the 2 hooks in go | Link |
| Golang | Post | Injects Key Meta Data into a Header | Link |
| Golang | Pre | Checks Basic Auth creds against an AWS DynamoDB instance | Link |
| Golang | Pre | Custom Cache on upstream failure | Link |
| Golang | Pre | Request funneling until cache is built | Link |
| Golang | Pre | Upstream URL rewrite based on header, query or body value | Link |
| Golang | Post | Upstream OAuth2.0 (Client credentials flow) | Link |
| Golang | Post | Invoke AWS Lambda with IAM Credentials | Link |
| Golang | Post | Send Custom Error Message in Plugin w/ Conditionals | Link |
| Golang | Any | Establish a connection to Redis database | Link |
| Golang | Analytics | Manipulate Tyk analytics records | Link |
| Language | Phase | Description | Link |
|---|---|---|---|
| gRPC (GoLang) | Pre | Header Injection & Auth example | Link |
| gRPC (GoLang) | Pre | Invokes an AWS Lambda | Link |
| gRPC (Node) | Pre / Autg | Simple NODE example with access to config data Lambda | Link |
| gRPC (Java) | Auth | Decodes JWT, inserts a claim and resigns it | Link |
| gRPC (Java) | Post | Inserts Metadata from the portal requested key as an HTTP header | Link |
| gRPC (.NET) | Auth | Performs auth check against a SQL server | Link |
| gRPC (Ruby) | Pre | Modifies HTTP header | Link |
| gRPC (Python) | Pre | Inserts a HTTP header | Link |
| Language | Phase | Description | Link |
|---|---|---|---|
| Javascript | Pre | Inserts tracing ID in header | Link |
| Javascript | Pre | Auth Token & mTLS protection | Link |
| Javascript | Pre | Evaluates the validity of a Tyk Token | Link |
| Javascript | Post | Checks API requests against a WAF | Link |
| Javascript | Post-Auth | Checks the request path against the user's meta data. If there is a cross-over, will deny the request | Link |
| Language | Phase | Description | Link |
|---|---|---|---|
| Lua | Pre | header injection | Link |
| Language | Phase | Description | Link |
|---|---|---|---|
| Python | Auth | Checks API requests against a hard-coded token | Link |
| Python | Auth | Validates credentials against an LDAP server | Link |
| Python | Pre | This plugin sends a message to a queue server, it uses kombu as the messaging library | Link |
| Python | Pre | This plugin sends log data to a Datadog agent. | Link |
| Python | Pre | This plugin sends log data to a Loggly HTTPS endpoint | Link |
| Python | Pre | This plugin will block requests from specific user agents, using regular expressions. | Link |
| Python | Pre + Post | Inserts a correlation ID as a header | Link |
| Python | Post | Injects a signed JWT as Authorization Header | Link |
| Python | Response | Modifies the header and body of a response | Link |
Virtual Endpoints are slightly different, more of a FaaS / Lambda as opposed to a plugin, and thus are treated differently
| Language | Description | Link |
|---|---|---|
| Javascript | Tyk as an OAuth2.0 Client in client_credentials flow in Auth0 | https://gist.github.com/letzya/ba7c2cd833c11fac61ae4a1d1908f1dc |
| Javascript | Tyk as an OAuth2.0 Client in client_credentials flow in Azure | https://gist.github.com/letzya/7e852181643e871481a7997ae3d5b84a |
| Javascript | Demo body transform of response, XML to JSON using petstore's endpoint /pet/{id} | https://gist.github.com/letzya/7df4dbc37f2f075795995efb8e205d3e |
| Javascript | Make POST request with FormData to Upstream | Link |
| Javascript | Create API Key via Dashboard API | Link |
Have a cool or useful idea to add to this list? Feel free to open an issue.
If adding an example, first off, thank you.
Create a new directory the following name pattern:
<language>-<phase>-<description1>_<description2>_<description3>
For example:
js-pre-insert_header/
|- README.md
|- myplugin.js
|- apidef.js
- Include a README with instructions, and the supporting files in the directory