Tyk MCP. Manage all API keys and policies through conversation.
Tyk MCP connects your AI agent directly to your API Gateway dashboard. You manage everything from creating user keys and defining security rules to listing APIs, all through conversation. It gives you conversational control over critical API governance tasks.
Claude 
ChatGPT 
Cursor 
Gemini 
Windsurf 
VS Code 
JetBrains 
Vercel Give Claude and any AI agent real-world access
The agent can generate new API keys for users or organizations and delete existing credentials.
You define, update, or remove security policies that control who gets access and how often they can hit your APIs.
List all active API definitions in the gateway dashboard, or create brand new ones using a specific format.
Force an immediate hot reload on the gateway to apply policy and key changes without service interruption.
Ask an AI about this
Waiting for input…
What AI agents can do with Tyk MCP: 12 Tools for API Governance
These tools give you direct conversational access to every key operation in the Tyk dashboard, from creating a policy to forcing an API gateway reload.
Make your AI actually useful.
Add this MCP to Claude, Cursor, or Windsurf and your AI stops guessing. It gets real tools to look things up, take action, and handle the stuff you keep doing by hand.
Start using Tyk MCPCreate Api Definition
This tool creates a brand new API definition within the Tyk dashboard.
Create Key
It generates and provisions a new, usable API key for a user or service.
Create Org Key
This tool creates an elevated organization-level access key.
Create Policy
You define and implement a new set of rules for controlling API access.
Delete Key
This tool revokes an existing API key, making it unusable immediately.
Delete Policy
It removes a defined security policy from the gateway settings.
Get Key
Retrieve all the necessary details for an existing API key, helping you audit its status.
Get Policy
Fetch and review the specific rules and limits of a single security policy.
Hot Reload
Force the entire API Gateway to refresh its configuration, ensuring all changes...
List Apis
This tool shows you a list of every active API definition managed by your gateway.
Update Key
Modify the parameters or status of an existing, live API key.
Update Policy
Change the rules or rate limits on a security policy you've already set up.
Security and governance baked right in.
Pick your AI client below to get set up. Just create a Vinkius account, subscribe, and you're instantly up and running. We handle the entire backend infrastructure, delivering out-of-the-box support for HTTPS Streamable, SSE, and OAuth2—zero messy routing required.
Claude AI
Open Claude Settings
Go to claude.ai, click your profile icon, then navigate to Customize → Connectors.
Add Custom Connector
Click the "+" button and select Add custom connector. Paste your Vinkius endpoint URL:
https://edge.vinkius.com/[YOUR_TOKEN_HERE]/mcp
Replace [YOUR_TOKEN_HERE] with your token
from cloud.vinkius.com. For OAuth-protected servers, expand
Advanced settings to add credentials.
Start a conversation
Open a new chat. The Tyk integration is available immediately — no restart needed.
Choose How to Get Started
Build a custom MCP for your own tools, or connect a ready-made integration from our catalog.
Build Your Own
Turn any API into an MCP. Import a spec, define Agent Skills, or deploy with MCPFusion.
- Import from OpenAPI, Swagger, or YAML specs
- Create Agent Skills with progressive disclosure
- Deploy to edge with MCPFusion framework
- Built in DLP, auth, and compliance on each call
- Real time usage dashboard and cost metering
- Publish to catalog or keep private
Make Your AI Do More
Start with Tyk, then connect any of our 5,200+ other servers whenever your AI needs more. One click, no limits.
- Use this MCP plus 5,200+ others, all in one place
- Add new capabilities to your AI anytime you want
- Connections are secured and governed automatically
- Track usage and costs across all your servers
- Works with Claude, ChatGPT, Cursor, and more
- New servers added to the catalog weekly
Independent Platform Disclaimer: Vinkius is an independent platform and is not affiliated with, endorsed by, sponsored by, verified by, or otherwise authorized by Tyk. All third-party trademarks, logos, and brand names are the property of their respective owners. Their use on this website is strictly for informational purposes to identify service compatibility and interoperability.
VINKIUS CLOUD
Cloud Hosted
Managed infra
V8 Isolated
Sandboxed per request
Zero-Trust Proxy
No stored credentials
DLP Enforced
Policy on each call
GDPR Compliant
EU data residency
Token Compression
~60% cost reduction
API Governance is a series of tedious clicks and secret copy-pastes.
Right now, managing your API gateway means jumping between the dashboard, pulling up key details, manually defining rate limits in one pane, then navigating to another tab to create the policy that enforces those exact rules. You end by having to trigger a manual refresh and hope everything stuck.
With this MCP, you tell your agent what you need—for example, 'I need all services using the Payment API defined with a 10/minute limit.' The whole workflow, from checking definitions ('list_apis') to setting policies ('create_policy'), happens in one conversation. You get instant, verifiable governance.
Manage Keys and Policies with Tyk MCP
The manual steps that disappear are key creation and policy management. No more logging into the dashboard just to generate a temporary credential or spending time adjusting rate limits across multiple UI panels. You use 'create_key' and 'update_policy' conversationally.
You don't just get an answer; you execute the change immediately. It’s about operational certainty, letting your agent perform critical actions like deleting old credentials ('delete_key') or updating definitions without ever leaving your chat window.
What Tyk MCP does for your AI
This connector lets you run your entire API infrastructure—from key creation to policy enforcement—using only natural language prompts. Instead of jumping between multiple dashboards or writing complex CLI commands, you talk to your agent and it handles the gateway operations for you. You can define security policies, manage rate limits, generate new keys, and even force a configuration refresh instantly.
If managing API governance feels like juggling ten different UIs, this MCP helps centralize that control. It's hosted on Vinkius, making sure any AI client you use connects to all your tools in one place.
019e3900-a486-738d-ba10-003b8edfa74c 
How to set up Tyk MCP
The bottom line is, you talk through your desired change, and the MCP executes it against your live API Gateway.
Subscribe to this MCP, providing your Tyk URL and either a Gateway Secret or Dashboard Token.
Connect your preferred AI client (like Cursor or Claude) to the Vinkius catalog.
Start by asking the agent to perform an action, such as 'List all payment API definitions' or 'Create a new rate-limit policy'.
Who uses Tyk MCP
This connector is for Ops Engineers and Security Analysts who hate manual dashboard clicking. If your job involves ensuring that every service key is properly restricted or if you spend too much time copy-pasting secrets, this MCP saves hours of tedious work.
You automate critical gateway operations, like forcing hot reloads or updating policies, without ever leaving your chat interface.
You quickly test and generate temporary API keys or check the status of new API definitions during local development cycles.
You audit existing security policies and user access rights across all APIs to ensure compliance with internal standards.
Benefits of connecting Tyk MCP
Stop navigating complex dashboard menus. You simply tell your agent what needs to change—like generating a new key or updating a policy—and it executes the necessary commands on your behalf.
Reduce deployment risk by instantly forcing a hot reload using the 'hot_reload' tool. This ensures that any changes made to policies or definitions are live in seconds, not minutes.
Maintain strict compliance by having the agent run 'get_policy' and 'get_key'. You can audit access rights and rate limits across your entire ecosystem without manual checks.
Speed up development cycles. Instead of asking a teammate for temporary credentials, you use the agent to generate keys or list definitions instantly, using tools like 'create_key' and 'list_apis'.
Gain total control over your API structure. You can create new API definitions ('create_api_definition') and enforce governance by setting up granular security policies that limit access.
Tyk MCP use cases
The Quarterly Security Audit
A security analyst needs to prove that all internal microservices are limited to 50 requests per minute. Instead of logging into the dashboard and clicking policy rule after policy rule, they prompt their agent: 'Check every service for rate limits.' The agent uses tools like get_policy and list_apis to build a comprehensive compliance report.
Hotfix Deployment
A backend developer just updated the payment processing logic. They need to ensure the live gateway sees the changes immediately without downtime. They prompt their agent: 'Force a hot reload on the Tyk Gateway.' The MCP runs the action, instantly updating the environment.
Onboarding a New Partner
The ops engineer needs to give a new third-party partner API access. They prompt their agent: 'Create a limited key for Acme Corp with only read permissions on the User profile endpoint.' The MCP uses create_key and create_policy together, guaranteeing scoped access.
API Clean Up
The team decommissioned an old experimental API. Instead of logging in to manually delete its definition and all related keys, the engineer prompts: 'Remove the deprecated reporting API.' The agent handles listing APIs, deleting the definition, and cleaning up associated credentials.
Tyk MCP tradeoffs
What to watch out for, and the recommended way to handle each one.
Manual Config Refresh
Making a policy update in the dashboard and then waiting 15 minutes for it to propagate across all environments. You spend time checking logs and sending Slack messages asking if the change went through.
Use 'hot_reload' via your agent. After updating any key or policy, you prompt: 'Force hot reload on Tyk Gateway.' The gateway refreshes instantly, guaranteeing immediate enforcement.
Key Credential Sprawl
A developer needs an old API key status but can't remember which dashboard it was under. They spend 30 minutes clicking through dozens of list views trying to find the right credential record.
Use 'get_key'. Simply ask your agent: 'What are the details for API key X?' The MCP fetches the exact metadata you need instantly.
Over-Permissive Policies
Creating a new policy that is too broad, granting read/write access everywhere because it was easier than defining granular limits. This creates massive security holes.
Always use 'create_policy' with specific rate limits and targeted resource IDs. Review the details using 'get_policy' before activating anything.
When to use Tyk MCP
Use this MCP if your core problem is API Governance, Key Lifecycle Management, or Policy Enforcement across a complex gateway setup. You need to interact with multiple layers of security (keys, policies, definitions) and the process involves state changes (create, delete, update). Don't use it if you just need to view simple data—for instance, if you only want to read logs from an external source, a dedicated log aggregator tool is better. However, if you need to list APIs AND then delete them based on criteria, this MCP handles the full operational cycle. You must be comfortable defining what needs to change (e.g., 'Increase rate limit for endpoint Z') rather than just asking for simple information.
Frequently asked questions about Tyk MCP
How do I manage API keys with Tyk MCP? +
You use the agent to create, read, update, and delete keys. You can ask it to 'create a new key for my staging environment' or 'get details for existing key X.' This keeps all your credential management in one place.
Can Tyk MCP force an immediate configuration refresh? +
Yes, you use the hot_reload tool. After making any changes to policies or definitions, triggering a hot reload ensures the gateway applies those rules instantly without requiring manual intervention.
What is the difference between listing APIs and creating them with Tyk MCP? +
You use list_apis to view all existing API definitions in your dashboard. If you need a new one, you use create_api_definition to build it out.
Does Tyk MCP handle rate limiting and security policies? +
Absolutely. You can define or update any policy using the create_policy and update_policy tools, allowing you to set granular rate limits and access controls for your APIs.
Is this good for auditing my current API setup? +
Yes. To audit everything, use get_key to check credentials, get_policy to review rules, and list_apis to confirm the definition status of every endpoint.