tyk
Tyk Open Source API Gateway written in Go, supporting REST, GraphQL, TCP and gRPC protocols
An open-source API gateway written in Go that handles authentication, rate limiting, and traffic routing between your app and its services, supporting REST, GraphQL, TCP, and gRPC.
Tyk is an open-source API gateway written in Go. An API gateway sits between your application and the services it exposes to the outside world, handling concerns like authentication, rate limiting, and traffic routing so individual services do not have to deal with them separately. Tyk has been in development since 2014 and supports REST, GraphQL, TCP, and gRPC protocols.
The core feature set includes authentication using industry-standard methods such as JWT tokens, OAuth/OIDC, basic auth, and client certificates. It can enforce rate limits and quotas so that no single user or client can overload your backend services. Tyk also supports API versioning, letting you sunset older versions at a defined date, and provides granular access control so you can allow or block specific endpoints per consumer.
Beyond access control, Tyk can transform traffic: modifying request or response headers, rewriting content, and converting between formats such as SOAP and GraphQL. A plugin system lets developers extend the gateway by writing custom middleware in Go, Python, JavaScript, or any language that speaks gRPC, so custom logic can be added without forking the core codebase.
Deployment options include Docker, Kubernetes (with a dedicated Kubernetes operator), Helm charts, Ansible, and standard Linux package managers for Red Hat, Ubuntu, and CentOS. The quickest way to get started is a Docker Compose setup that has the gateway running in a few commands. Once it is running, you register your APIs through configuration files or the gateway's API, and Tyk begins proxying traffic and applying policies.
Tyk Gateway is the open-source edition and has no feature lockout. Paid editions add a management dashboard, developer portal, and cloud hosting. The project is licensed under the Mozilla Public License 2.0.
Where it fits
- Protect your APIs with JWT, OAuth, or certificate-based authentication without modifying each service.
- Enforce per-user rate limits and quotas to prevent a single client from overloading your backend.
- Transform request or response traffic, such as converting SOAP to GraphQL, at the gateway level.
- Deploy a self-hosted API gateway on Kubernetes using the official Helm chart and operator.