# Tyk MCP

> Tyk MCP connects your AI agent directly to your API Gateway dashboard. You manage everything from creating user keys and defining security rules to listing APIs, all through conversation. It gives you conversational control over critical API governance tasks.

## Overview
- **Category:** developer-tools
- **Price:** Free
- **Tags:** api-gateway, api-management, security-policies, rate-limiting, key-management

## Description

This connector lets you run your entire API infrastructure, from key creation to policy enforcement, using only natural language prompts. Instead of jumping between multiple dashboards or writing complex CLI commands, you talk to your agent and it handles the gateway operations for you. You can define security policies, manage rate limits, generate new keys, and even force a configuration refresh instantly. If managing API governance feels like juggling ten different UIs, this MCP helps centralize that control. It's hosted on Vinkius, so any AI client you use connects to all your tools in one place.

## Tools

### create_api_definition
This tool creates a brand new API definition within the Tyk dashboard.

### create_key
This tool generates and provisions a new, usable API key for a user or service.

### create_org_key
This tool creates an elevated organization-level access key.

### create_policy
This tool defines and implements a new set of rules for controlling API access.

### delete_key
This tool revokes an existing API key, making it unusable immediately.

### delete_policy
This tool removes a defined security policy from the gateway settings.

### get_key
Retrieve all the necessary details for an existing API key, helping you audit its status.

### get_policy
Fetch and review the specific rules and limits of a single security policy.

### hot_reload
Force the entire API Gateway to refresh its configuration, ensuring all changes apply immediately.

### list_apis
This tool shows you a list of every active API definition managed by your gateway.

### update_key
Modify the parameters or status of an existing, live API key.

### update_policy
Change the rules or rate limits on a security policy you've already set up.

## Prompt Examples

**Prompt:** 
```
List all my API definitions sorted by name.
```

**Response:** 
```
I've retrieved your API definitions. You have 3 active APIs: 'Auth-Service', 'Payment-Gateway', and 'User-Management'. Would you like to see the details for any of these?
```

**Prompt:** 
```
Get the details for the security policy with ID 'pol-98765'.
```

**Response:** 
```
Inspecting policy 'pol-98765'... This policy allows access to the 'Auth-Service' with a rate limit of 100 requests per minute and a quota of 10,000 requests per month.
```

**Prompt:** 
```
Force a hot reload on the Tyk Gateway.
```

**Response:** 
```
Triggering hot reload... The Tyk Gateway has successfully reloaded its configuration and all API definitions are now up to date.
```

## Capabilities

### Manage Access Keys
The agent can generate new API keys for users or organizations and delete existing credentials.

### Enforce Security Policies
You define, update, or remove security policies that control who gets access and how often they can hit your APIs.

### Audit API Definitions
List all active API definitions in the gateway dashboard, or create brand new ones using a specific format.

### Maintain Gateway State
Force an immediate hot reload on the gateway to apply policy and key changes without service interruption.

## Use Cases

### The Quarterly Security Audit
A security analyst needs to prove that all internal microservices are limited to 50 requests per minute. Instead of logging into the dashboard and clicking policy rule after policy rule, they prompt their agent: 'Check every service for rate limits.' The agent uses tools like get_policy and list_apis to build a comprehensive compliance report.

### Hotfix Deployment
A backend developer just updated the payment processing logic. They need to ensure the live gateway sees the changes immediately without downtime. They prompt their agent: 'Force a hot reload on the Tyk Gateway.' The MCP runs the action, instantly updating the environment.

### Onboarding a New Partner
The ops engineer needs to give a new third-party partner API access. They prompt their agent: 'Create a limited key for Acme Corp with only read permissions on the User profile endpoint.' The MCP uses create_key and create_policy together, guaranteeing scoped access.

### API Cleanup
The team decommissioned an old experimental API. Instead of logging in to manually delete its definition and all related keys, the engineer prompts: 'Remove the deprecated reporting API.' The agent handles listing APIs, deleting the definition, and cleaning up associated credentials.

## Benefits

- Stop navigating complex dashboard menus. You simply tell your agent what needs to change—like generating a new key or updating a policy—and it executes the necessary commands on your behalf.
- Reduce deployment risk by instantly forcing a hot reload using the 'hot_reload' tool. This ensures that any changes made to policies or definitions are live in seconds, not minutes.
- Maintain strict compliance by having the agent run 'get_policy' and 'get_key'. You can audit access rights and rate limits across your entire ecosystem without manual checks.
- Speed up development cycles. Instead of asking a teammate for temporary credentials, you use the agent to generate keys or list definitions instantly, using tools like 'create_key' and 'list_apis'.
- Gain total control over your API structure. You can create new API definitions ('create_api_definition') and enforce governance by setting up granular security policies that limit access.

## How It Works

You describe the change you want, and the MCP executes it against your live API Gateway.

1. Subscribe to this MCP, providing your Tyk URL and either a Gateway Secret or Dashboard Token.
2. Connect your preferred AI client (like Cursor or Claude) to the Vinkius catalog.
3. Start by asking the agent to perform an action, such as 'List all payment API definitions' or 'Create a new rate-limit policy'.

## Frequently Asked Questions

**How do I manage API keys with Tyk MCP?**
You use the agent to create, read, update, and delete keys. You can ask it to 'create a new key for my staging environment' or 'get details for existing key X.' This keeps all your credential management in one place.

**Can Tyk MCP force an immediate configuration refresh?**
Yes, you use the hot_reload tool. After making any changes to policies or definitions, triggering a hot reload ensures the gateway applies those rules instantly without requiring manual intervention.

**What is the difference between listing APIs and creating them with Tyk MCP?**
You use list_apis to view all existing API definitions in your dashboard. If you need a new one, you use create_api_definition to build it out.

**Does Tyk MCP handle rate limiting and security policies?**
Absolutely. You can define or update any policy using the create_policy and update_policy tools, allowing you to set granular rate limits and access controls for your APIs.

**Is this good for auditing my current API setup?**
Yes. To audit everything, use get_key to check credentials, get_policy to review rules, and list_apis to confirm the definition status of every endpoint.