[TT-15720] GW Update documentation for master - 5.10.0

tyk-docs/assets/others/dashboard-swagger.yml

@@ -6,7 +6,7 @@ info:
     url: https://tyk.io/contact
   description: |2
     <img src="https://tyk.io/docs/img/swagger_dashboard_image.png" width="963" height="250">
-
+    
     ## <a name="introduction"></a> Introduction
 
     The Tyk Dashboard API offers granular, programmatic access to a centralised database of resources that your Tyk nodes can pull from. This API has a dynamic user administrative structure which means the secret key that is used to communicate with your Tyk nodes can be kept secret and access to the wider management functions can be handled on a user-by-user and organisation-by-organisation basis.
@@ -39,7 +39,7 @@ info:
     name: Mozilla Public License Version 2.0
     url: https://github.com/TykTechnologies/tyk/blob/master/LICENSE.md
   title: Tyk Dashboard API
-  version: 5.9.0
+  version: 5.10.0
 servers:
 - url: https://{tenant}
   variables:
@@ -175,6 +175,8 @@ tags:
   name: Single Sign On
 - description: System API.
   name: System
+- description: Notifications for an organisation
+  name: Organisation Notifications
 paths:
   /api/activity/keys/{keyHash}/{startDay}/{startMonth}/{startYear}/{EndDay}/{EndMonth}/{EndYear}:
     get:
@@ -1622,7 +1624,7 @@ paths:
       operationId: proxyRequest
       description: |
         Forwards a request to a specified gateway endpoint. This endpoint allows you to send requests to other services through the Tyk gateway, which can be useful for testing or accessing protected resources.
-
+        
         The proxy will forward your request to the specified URL, including any headers and body data you provide. It then returns the response from the target service, including status code, headers, and body.
       tags:
         - Proxy
@@ -3258,6 +3260,16 @@ paths:
               schema:
                 $ref: '#/components/schemas/ApiResponse'
           description: API not found.
+        "422":
+          content:
+            application/json:
+              example:
+                Message: '{apiId} is not recognised'
+                Meta: null
+                Status: Error
+              schema:
+                $ref: '#/components/schemas/ApiResponse'
+          description: API not recognised.
       summary: List OAS API versions.
       tags:
       - OAS APIs
@@ -4731,11 +4743,11 @@ paths:
           enum:
           - detailed
           type: string
-      - description: |-
+      - description: |- 
           Defines the filtering strategy applied to certificate keys.
-          This query param works only in combination with detailed mode (mode=detailed).
-          omit – Includes all certificates; this is the default behavior.
-          with_pk – Returns only certificates that are associated with a private key.
+          This query param works only in combination with detailed mode (mode=detailed). 
+          `omit` (default) – Returns all certificates regardless of private key association.
+          with_pk – Returns only certificates that include a private key.
           without_pk – Returns only certificates that do not include a private key.
         name: filter
         example: omit
@@ -7783,7 +7795,7 @@ paths:
       - Schemas
   /api/schemas/apidefs/streams-oas:
     get:
-      description: Get API definition Streams OAS schema.
+      description: Retrieve schema for Tyk Streams APIs, enabling developers and integrators to validate or generate stream-based API definitions programmatically. Supports optional OAS version selection and pretty-print formatting via query parameters.
       operationId: getApidefStreamsOASSchema
       parameters:
         - description: The OAS version.
@@ -9384,8 +9396,8 @@ paths:
           required: false
           schema:
             type: integer
-        - description: |
-            This parameter filters audit logs based on partially matching the accessed API endpoint's URL path. It allows searching for actions performed on related resources or sections of the API by matching any portion of the URL. The match is case-sensitive and ignores additional path segments or query parameters beyond the matched portion.
+        - description: | 
+            This parameter filters audit logs based on partially matching the accessed API endpoint's URL path. It allows searching for actions performed on related resources or sections of the API by matching any portion of the URL. The match is case-sensitive and ignores additional path segments or query parameters beyond the matched portion.  
             For example, if the database contains URLs like `/tib/create`, `/tib/get/1?schema=json`,  `/api/schema`, and `/schema1` searching with `url=schema` would return  `/api/schema` and `/schema1`.
           example: /api/apis
           in: query
@@ -9573,6 +9585,60 @@ paths:
       summary: Retrieve single audit log
       tags:
         - AuditLogs
+  /api/org/notifications:
+    get:
+      description: Retrieve all notifications for an organisation.
+      operationId: getAllOrganisationNotifications
+      parameters:
+        - description: Setting refresh to true will force the API to refresh the list of notifications.
+          example: 'true'
+          in: query
+          name: refresh
+          required: false
+          schema:
+            type: string
+      responses:
+        "200":
+          content:
+           application/json:
+              example:
+                - id: b52f491a-2946-408b-9330-2736db85705b
+                  created_at: 2025-08-13T11:16:12.194968+02:00
+                  org_id: 683d6e6a954737af2aa8e5c2
+                  hash: '17090217262863020087'
+                  kind: warning
+                  topic: certificate.expiry
+                  title: Certificate will expire soon
+                  message: Certificate with ID 683d6e6a954737af2aa8e5c20d545f3211d5a53684114dc8b3ebb2503edf6fabf2e5812425be2fa108f3fb4d will expire in less than 18 days
+                  data:
+                    cert_id: 683d6e6a954737af2aa8e5c20d545f3211d5a53684114dc8b3ebb2503edf6fabf2e5812425be2fa108f3fb4d
+                    expiry_date: 2025-08-31T08:41:53Z
+                    days_remaining: 17
+              schema:
+                type: array
+                items:
+                  $ref: '#/components/schemas/OrganisationNotification'
+
+          description: Returns a list of notifications for an organisation.
+        "401":
+          content:
+            application/json:
+              example:
+                Message: Not authorised
+                Meta: null
+                Status: Error
+          description: Unauthorized
+        "403":
+          content:
+            application/json:
+              example:
+                Message: 'access denied: You do not have permission to access  /api/org/notifications'
+                Meta: null
+                Status: Error
+          description: Forbidden
+      summary: Retrieve notifications
+      tags:
+        - Organisation Notifications
 components:
   examples:
     aggregateAnalytics:
@@ -10975,6 +11041,16 @@ components:
         pages:
           type: integer
       type: object
+    CertificateExpiryData:
+      properties:
+        cert_id:
+          type: string
+        expiry_date:
+          type: string
+        days_remaining:
+          type: integer
+      type: object
+      x-go-package: github.com/TykTechnologies/tyk-analytics/dashboard/repository/notification
     CertificateList:
       properties:
         certs:
@@ -12548,6 +12624,31 @@ components:
       additionalProperties:
         $ref: '#/components/schemas/ParameterRef'
       type: object
+    OrganisationNotification:
+      properties:
+        id:
+          type: string
+        created_at:
+          type: string
+        org_id:
+          type: string
+        hash:
+          type: string
+        kind:
+          type: string
+          enum: [ "critical", "warning" ]
+        topic:
+          type: string
+          enum: [ "certificate.expiry" ]
+        title:
+          type: string
+        message:
+          type: string
+        data:
+          oneOf:
+            - $ref: "#/components/schemas/CertificateExpiryData"
+      type: object
+      x-go-package: github.com/TykTechnologies/tyk-analytics/dashboard/model
     PathItem:
       properties:
         $ref:

tyk-docs/content/shared/dashboard-config.md

@@ -1097,7 +1097,7 @@ When using external TIB, this is the URL where it's reachable
 ENV: <b>TYK_DB_TIB_HOST_CONNECTIONSTRING</b><br />
 Type: `string`<br />
 
-The URL to the host. It must be in the form: `http://domain:port`.
+The URL to the host. It must be in the form: http://domain:port.
 Set this value only if you need to use external Tyk Identity Broker
 
 ### identity_broker.host.secret
@@ -1377,6 +1377,21 @@ EnableAllExperimental indicates whether all experimental features for streaming
 Warning:
   This flag should not be enabled in production environments.
 
+### notifications.certificate_expiry_monitor
+Represents the configuration for monitoring certificate expiry and metadata refresh settings.
+
+### notifications.certificate_expiry_monitor.metadata_refresh_interval_minutes
+ENV: <b>TYK_DB_NOTIFICATIONS_CERTIFICATEEXPIRYMONITOR_METADATAREFRESHINTERVALMINUTES</b><br />
+Type: `int`<br />
+
+Specifies the interval (in minutes) for refreshing certificate metadata.
+
+### notifications.certificate_expiry_monitor.warning_threshold_days
+ENV: <b>TYK_DB_NOTIFICATIONS_CERTIFICATEEXPIRYMONITOR_WARNINGTHRESHOLDDAYS</b><br />
+Type: `int`<br />
+
+Defines the threshold (in days) to trigger warnings before certificate expiry.
+
 ### labs
 Experimental and beta features configuration settings
 
@@ -1390,7 +1405,5 @@ Enable or disable sending telemetry data such as analytics, API configurations,
 ENV: <b>TYK_DB_ESCAPEDOTSINOASPATHS</b><br />
 Type: `bool`<br />
 
-When enabled, dots in OAS field names will be escaped (to \\u002e ) and unescaped when required for compatibility with specific databases.
-
-Defaults to `false`.
+When enabled, dots in OAS field names will be escaped to \\u002e for DocumentDB compatibility