When bootstrapping an OAS style API definition, and creating a key with access rights to that API, the bootstrap fails because the API with that ID does not exist:
tyk-demo-tyk-gateway-1 | time="Oct 05 06:37:51" level=error msg="Could not add key for this API ID, API doesn't exist." api_id=651d6ef9d0e9ba0001ea657f key="eyJvcmciOiI1ZTlkOTU0NGExZGNkNjAwMDFkMGVkMjAiLCJpZCI6ImhtYWMiLCJoIjoibXVybXVyNjQifQ==" org_id=5e9d9544a1dcd60001d0ed20 path=-- prefix=api server_name=system user_id=system user_ip=--
We need the ability to declare an API ID when importing and exporting which keys, policies and automation tooling can rely on.
Sample API Def:
{
"components": {},
"info": {
"title": "HMAC Protected API",
"version": "1.0.0"
},
"openapi": "3.0.3",
"paths": {},
"servers": [
{
"url": "http://tyk-gateway.localhost:8080/hmac-protected-api/"
}
],
"x-tyk-api-gateway": {
"info": {
"dbId": "DBID", <-------- I CAN SET THIS, BUT IT SEEMS LIKE I CANT USE IT
"id": "ID", <-------- THIS CHANGES EVERY TIME BOOTSTRAP / IMPORT
"name": "HMAC Protected API",
"orgId": "5e9d9544a1dcd60001d0ed20",
"state": {
"active": true
}
},
"server": {
"authentication": {
"enabled": true,
"hmac": {
"allowedAlgorithms": [
"hmac-sha1",
"hmac-sha256"
],
"allowedClockSkew": -1,
"enabled": true,
"header": {
"enabled": true,
"name": "Authorization"
}
}
},
"listenPath": {
"strip": true,
"value": "/hmac-protected-api/"
},
"slug": "hmac-protected-api"
},
"upstream": {
"url": "http://httpbin"
}
}
}
Sample Key
{
"last_check": 0,
"allowance": 1000,
"rate": 1000,
"per": 60,
"throttle_interval": -1,
"throttle_retry_limit": -1,
"max_query_depth": -1,
"expires": 0,
"quota_max": -1,
"quota_renews": 1696429681,
"quota_remaining": 0,
"quota_renewal_rate": -1,
"access_rights": {
"651d6ef9d0e9ba0001ea657f": { <----- I CANNOT USE VALUE IN dbID
"api_name": "HMAC Protected API",
"api_id": "651d6ef9d0e9ba0001ea657f", <----- I CANNOT USE VALUE IN dbID
"versions": [""],
"allowed_urls": null,
"limit": null,
"allowance_scope": ""
}
},
"org_id": "5e9d9544a1dcd60001d0ed20",
"hmac_enabled": true,
"hmac_string": "HMAC_SHARED_SECRET"
}
This was originally a workaround due to OAS API definition ids being random. But now that it's possible to control the id, the script can be updated accordingly.
When bootstrapping an OAS style API definition, and creating a key with access rights to that API, the bootstrap fails because the API with that ID does not exist:
We need the ability to declare an API ID when importing and exporting which keys, policies and automation tooling can rely on.
Sample API Def:
Sample Key