Tyk is an open-source API gateway and management platform with a strong enterprise feature set: a dashboard for API configuration and analytics, a developer portal catalogue, and multi-data-centre deployment via the MDCB component. The Naftiko capability set for Tyk is one of the most complete in the fleet, covering API management, policy management, key management, analytics, and full platform administration.
What the Capability Covers
Two workflow capabilities: API Management (full CRUD for APIs and policies, key management, developer catalogue, gateway health, live reload, and certificate management) and Platform Administration (organization management, admin users, system export/import, dataplane management, MDCB health, diagnostics).
MCP Tools Available
dashboard-list-apis, dashboard-get-api, dashboard-create-api, dashboard-update-api, dashboard-delete-api, dashboard-list-policies, dashboard-get-policy, dashboard-create-policy, dashboard-list-keys, dashboard-create-key, dashboard-list-users, dashboard-get-catalogue, gateway-list-apis, gateway-check-health, gateway-hot-reload, gateway-list-certificates, list-organizations, create-organization, update-organization, delete-organization, list-admin-users, create-admin-user, export-system, import-system, list-dataplanes, get-dataplane, check-mdcb-health, get-diagnostics
Capability Specification
naftiko: "1.0.0-alpha1"
info:
label: "Tyk API Management"
description: "Unified API management workflow combining Gateway and Dashboard APIs for API developers and platform engineers to manage API definitions, keys, policies, and portal configurations."
tags:
- API Management
- Gateway
- Tyk
binds:
- namespace: env
keys:
TYK_GATEWAY_SECRET: TYK_GATEWAY_SECRET
TYK_DASHBOARD_API_KEY: TYK_DASHBOARD_API_KEY
capability:
consumes:
- namespace: tyk-gateway
type: http
baseUri: https://gateway.cloud.tyk.io
authentication:
type: header
header: x-tyk-authorization
value: ""
resources:
- name: health
path: "/hello"
operations:
- name: check-health
method: GET
- name: reload
path: "/tyk/reload"
operations:
- name: hot-reload
method: GET
- namespace: tyk-dashboard
type: http
baseUri: https://admin.cloud.tyk.io
authentication:
type: header
header: authorization
value: ""
resources:
- name: apis
path: "/api/apis/{apiId}"
operations:
- name: list-apis
method: GET
- name: create-api
method: POST
- name: policies
path: "/api/portal/policies/{policyId}"
operations:
- name: list-policies
method: GET
- name: system
path: "/admin/system"
operations:
- name: export-system
method: GET
exposes:
- type: mcp
port: 9080
namespace: tyk-api-management-mcp
description: "MCP server for AI-assisted Tyk API management."
tools:
- name: dashboard-list-apis
description: "List all API definitions from the Tyk Dashboard."
hints:
readOnly: true
call: "tyk-dashboard.list-apis"
outputParameters:
- type: object
mapping: "$."
- name: dashboard-create-api
description: "Create a new API definition in the Tyk Dashboard."
hints:
readOnly: false
destructive: false
idempotent: false
call: "tyk-dashboard.create-api"
outputParameters:
- type: object
mapping: "$."
- name: dashboard-list-policies
description: "List all security and quota policies in the Tyk Dashboard."
hints:
readOnly: true
call: "tyk-dashboard.list-policies"
outputParameters:
- type: object
mapping: "$."
- name: gateway-check-health
description: "Check the health status of the Tyk Gateway instance."
hints:
readOnly: true
call: "tyk-gateway.check-health"
outputParameters:
- type: object
mapping: "$."
- name: gateway-hot-reload
description: "Trigger a hot reload of API definitions on the Tyk Gateway without restart."
hints:
readOnly: false
destructive: false
idempotent: true
call: "tyk-gateway.hot-reload"
outputParameters:
- type: object
mapping: "$."
- name: export-system
description: "Export the full Tyk system configuration for backup or environment migration."
hints:
readOnly: true
call: "tyk-dashboard.export-system"
outputParameters:
- type: object
mapping: "$."
Running It
docker pull ghcr.io/naftiko/framework:latest
# Set TYK_GATEWAY_SECRET and TYK_DASHBOARD_API_KEY in your .env file
docker run -p 9080:9080 \
-v ./capabilities/api-management.yaml:/app/capability.yaml \
--env-file .env \
ghcr.io/naftiko/framework:latest /app/capability.yaml
The export-system and import-system tools make Tyk capabilities particularly useful for environment migration and disaster recovery — an AI agent can export a full Tyk configuration, validate it, and import it to a new environment as part of a governed promotion pipeline. The Tyk capability set is part of the Naftiko Fleet.
