Side by Side
At a Glance
14 dimensions of comparison between Naftiko and Tyk — same row, different layer of the stack. Scan top-to-bottom to see where each product makes a different choice on the same axis.
Dimension
Naftiko
Tyk
Category
Naftiko
Spec-driven integration platform
Tyk
Open-source-first API gateway + management plane — Gateway (MPL 2.0 OSS), Dashboard (commercial), MDCB (multi-data-center bridge), Operator (K8s), Cloud (managed SaaS), AI Studio (going OSS)
Origin
Naftiko
Kin Lane (API Evangelist) + Jerome Louvel (Restlet → Talend → Qlik), 2025
Tyk
Tyk Technologies, 2014 — UK-headquartered; Martin Buhr CEO; strong financial-services + Open Banking presence; FDX member Feb 2026
Primary primitive
Naftiko
Capability — declared in YAML; consumes + exposes
Tyk
Tyk OAS API (OAS-native) + Tyk Classic API (legacy JSON) + Policy + Key + Organisation + Dataplane
Layer in the stack
Naftiko
Build-time + ship-time + runtime engine that authors integrations
Tyk
Runtime gateway data plane + Dashboard control plane + MDCB cross-region bridge + AI Studio AI gateway
Core artifact
Naftiko
YAML capability spec (declarative, multi-protocol)
Tyk
Tyk OAS API spec (OpenAPI 3 + Tyk extensions) or legacy Tyk Classic JSON; Policy JSON; Key session; managed via Dashboard or Operator CRDs
Open source posture
Naftiko
Apache 2.0 Framework, free Fleet community, paid Standard / Enterprise
Tyk
MPL 2.0 Gateway is fully open-source. Dashboard + MDCB are commercial-only. AI Studio is going open source (announced 2026). Tyk Operator is open-source on GitHub. Strongest open-source posture of any commercial API gateway vendor.
Multi-protocol exposure
Naftiko
REST + MCP + Skills + Webhooks + A2A — same capability, all protocols
Tyk
Gateway routes REST, GraphQL, gRPC, TCP, async (Kafka/MQTT/AMQP); AI Studio adds LLM provider routing + MCP integration; OAS API export
AI gateway posture
Naftiko
exposes: mcp on any capability; LLM access via consumed APIs
Tyk
Tyk AI Studio — control plane for LLM/AI routing, governance, cost control; plugin ecosystem for model selection + guardrails; MCP servers as integration points
Multi-region / multi-cluster
Naftiko
Naftiko Fleet operator + shared rules engine across IDE / CI / admission
Tyk
MDCB (Multi-Data Center Bridge) — single Dashboard manages gateways across regions/clouds with offline-capable data plane sync
Governance scope
Naftiko
Design-time (Spectral lint), admission (Kyverno / OPA), runtime engine
Tyk
Runtime — Policy + Key + Organisation quotas + OPA rule engine in Dashboard + FAPI 2.0 / FDX compliance posture for financial services
Discovery surface
Naftiko
Backstage capability catalog + scorecards + apis.io
Tyk
Tyk Dashboard developer portal (customizable, multi-org) + Catalog + Policy library; FAPI Accelerator for Open Banking discovery
Identity / OAuth
Naftiko
Runtime secret injection (env, ExternalSecrets); Keycloak / OpenFGA roadmap
Tyk
Native OAuth 2.0 client + token management at the gateway; JWT (with nested claims, Tyk 5.11); mTLS + cert lifecycle; FAPI 2.0 readiness for regulated agent access
Cost / FinOps
Naftiko
Cost-center labels propagated to K8s; Kubecost integration
Tyk
FOCUS-aligned (Visibility + Allocation + Optimization + Accountability); metered per gateway requests; deployment-mode-driven cost optimization
Founder framing
Naftiko
“Capability fleet” — many ships, one navy
Tyk
“Open Source First. Built for Enterprise Scale. Ready for AI.” — AI Control Stack thesis: APIs are deterministic, LLMs are creative; governance lives at the intersection.
Common Ground
Where They Overlap
Both Naftiko and Tyk bet on the layer above per-vendor MCPs. Here are the 8 concrete places where those bets actually meet — same problem, sometimes the same shape, increasingly the same conversation.
1
Both treat OpenAPI as the contract layer, not documentation
Tyk's OAS API direction makes OpenAPI 3 the native gateway spec format (with Tyk extensions for routing, auth, policies). Naftiko's consume block backs onto OpenAPI; the capability YAML treats the spec as governance-first infrastructure. Both refuse the ‘OpenAPI is just docs’ default.
2
Both treat MCP as a first-class protocol
Tyk AI Studio explicitly integrates MCP servers as extensibility points for AI agents calling APIs and tools. Naftiko exposes any capability as MCP via
exposes: mcp. Both refuse to bolt MCP on as an afterthought.3
Both ship a strong open-source-foundation-plus-enterprise model
Tyk Gateway is MPL 2.0 OSS with no feature gates behind commercial license. Naftiko Framework is Apache 2.0; Fleet community is free; Standard / Enterprise tiers layer on. Both refuse the closed-SaaS-only default.
4
Both target the post-Apigee modernization wave
Tyk blogs (Tyk 5.11, AI Studio) target enterprises migrating off legacy gateways with standards-first, multi-protocol, AI-ready infrastructure. Naftiko targets the same enterprises with a capability-spec abstraction over their API sprawl. Different wedges, same modernization moment.
5
Both publish standards-aligned artifacts upstream
Tyk joined FDX (Financial Data Exchange) Feb 2026, ships FAPI 2.0 compliance, contributes to OAS standards. Naftiko publishes capability YAML + Spectral rulesets + capability catalog at apis.io. Both refuse to keep the contract layer proprietary.
6
Both ship multi-region / multi-cluster as a first-class concern
Tyk MDCB is built for multi-data-center clustering with offline-capable data-plane sync from a single Dashboard. Naftiko Fleet treats capability deployment as cross-cluster topology with shared rules engine. Both refuse the ‘one cluster fits all’ default.
7
Both ship Kubernetes-native config-as-code
Tyk Operator is an open-source K8s controller that reconciles API definitions, policies, and certificates as CRDs. Naftiko ships a NaftikoCapability CRD and operator. Both refuse the ‘click-ops console’ default that legacy API management leans on.
8
Both publish FinOps-aware metering aligned with FOCUS
Tyk's FinOps file follows FOCUS principles (Visibility, Allocation, Optimization, Accountability); Naftiko propagates cost-center labels into Kubecost for per-call attribution. Both refuse the ‘no per-call cost visibility’ anti-pattern.
Where We Diverge
How Naftiko Is Different
The clearest single-sentence difference: Tyk runs an open-source-first API gateway + commercial control plane + multi-data-center bridge + AI Studio AI gateway. Naftiko writes the spec-driven artifact that lives on top of any gateway runtime. Different bets — Tyk for the open-source-credible enterprise gateway with strongest financial-services posture; Naftiko for the spec-driven authoring engine that emits whatever gateway needs.
1
Spec-driven capability vs OAS-native + classic gateway artifact
Naftiko
Author capabilities as declarative YAML — the capability is the artifact; the engine reads it. Same spec, multiple protocols.
Tyk
Author Tyk OAS APIs (OpenAPI 3 + Tyk extensions) or legacy Classic JSON. The API definition + Policy + Key + Organisation are the artifacts; the Gateway + Dashboard manage them.
Same direction (config-as-code) at different altitudes — Naftiko at the multi-protocol integration spec layer, Tyk at the gateway routing + policy layer.
2
Multi-protocol expose via spec vs gateway routes by upstream protocol
Naftiko
One capability YAML exposes REST + MCP + Skills + Webhooks + A2A simultaneously from a single spec.
Tyk
Gateway routes REST, GraphQL, gRPC, TCP, async (Kafka/MQTT/AMQP) per upstream protocol; AI Studio adds LLM provider routing. The spec describes what to route; the gateway routes it.
3
Capability primitive vs Tyk OAS API + Policy + Key + Organisation primitives
Naftiko
Primary identity is ‘the thing that does X’ — composed from consumes and exposes, versioned as a YAML artifact.
Tyk
Primary identities are Tyk OAS API (or Classic), Policy (quotas + rate limits + auth + ACL), Key (session bound to policies), Organisation (multi-tenant boundary). Gateway-shaped, regulated-tenant-shaped.
4
Three governance altitudes vs runtime + OPA-enhanced governance
Naftiko
Spectral rulesets at design time (IDE + CI), Kyverno / OPA at admission time, runtime checks in the engine. Lifecycle-shaped governance.
Tyk
Governance is runtime — Policy + Key + Organisation quotas at the gateway, OPA rule engine in the Dashboard for advanced permissions, OAuth + JWT + mTLS for identity. No design-time spec linter for the integration spec layer itself.
5
Bring-your-own infra (cluster runtime) vs OSS gateway + commercial control plane + MDCB + managed Cloud
Naftiko
Customer runs the engine on their infra; controls the data plane, network egress, secrets, storage.
Tyk
Customer chooses — fully self-hosted (Gateway + Dashboard + MDCB on-prem), Tyk Cloud SaaS managed (Core / Professional / Enterprise tiers), or hybrid (Tyk Operator on customer K8s).
6
Capability composition vs gateway + AI Studio control stack
Naftiko
Capabilities compose — applied capabilities consume source capabilities following DDD aggregate patterns. The spec layer makes composition declarative.
Tyk
Gateway routes APIs; AI Studio routes LLMs and MCP; Dashboard governs both. The control stack is the composition layer — APIs are deterministic, LLMs are creative, governance is the intersection.
7
Open-source posture: engine OSS vs gateway OSS + going-OSS AI Studio
Naftiko
Apache 2.0 Framework runs in your container, your Kubernetes, your VPC. Open-source is the engine.
Tyk
MPL 2.0 Gateway is fully OSS production-ready; Dashboard + MDCB are commercial-only; AI Studio is going open-source (announced 2026); Operator is open-source on GitHub. Strongest mixed OSS posture in the gateway category.
8
Enterprise integration team vs financial-services + Open Banking primary buyer
Naftiko
Sally the Integration Engineer at a regulated enterprise — many APIs, many domains, many cost centers, governance is the load-bearing concern.
Tyk
Banks, fintechs, and regulated enterprises adopting Open Banking / FDX / FAPI 2.0 — agentic AI consuming financial APIs under user-permissioned constraints is the load-bearing concern.
Partnership Thesis
Service Partnership
Naftiko is the spec-driven authoring engine. Tyk is the open-source gateway + commercial control plane + multi-data-center bridge + AI Studio AI gateway. The capability map below treats every Tyk surface — Tyk OAS APIs, Policies, Keys, OAuth clients, Organisation quotas, batch requests, certs, hot reload, MDCB data planes + config — as a Naftiko-consumable target. Naftiko writes the capability YAML, Tyk publishes the matching OAS API + Policy + Key + Organisation + Dataplane assignment from the spec layer. Naftiko authors; Tyk routes, authenticates, quotas, and governs across regions.
“Naftiko brings the spec layer, the multi-protocol exposure, and the open-source authoring engine. Tyk brings the open-source-first gateway runtime, the commercial control plane, the multi-data-center bridge, and the AI Studio AI gateway. Together: a Naftiko capability YAML becomes an end-to-end governed, multi-region, OAS-native, FAPI-ready integration on Tyk's runtime — without the customer hand-authoring Tyk OAS API definitions, Policies, or Organisation quota assignments.”
Two First-Meeting Questions
Q1. Naftiko capability YAMLs as Tyk OAS APIs
Would Tyk support a documented ‘wrap me as a Tyk OAS API’ pattern — where every Naftiko
exposes: rest capability auto-generates the matching Tyk OAS API + Policy + Key + Organisation quota assignment, deployable to Tyk Gateway / Cloud / Dashboard with one command? The capability map below treats the Tyk gateway-tyk-oas-apis surface as a Naftiko-publishable target; codifying that pattern would mean every Naftiko-authored integration ships with a turnkey Tyk OAS API + governance bundle — without hand-writing OAS extensions, policies, or quotas.Q2. Naftiko-built MCP servers federated into Tyk AI Studio
Would Tyk AI Studio (going open-source 2026) open a documented integration path for Naftiko-built MCP servers to land as first-class AI Studio backends with Policy + Quota + FAPI governance applied? Today AI Studio is positioned as the AI Control Stack for LLMs and MCP; opening it to Naftiko-authored MCP capabilities would compound the open-source posture and give every Naftiko capability an OSS AI gateway runtime with financial-services-grade governance from day one.
Integration Kit
Partnership Capability Map
12 Naftiko capabilities authored to integrate with Tyk as a service partner. Each one consumes a specific Tyk surface and exposes it as REST + MCP through the Naftiko engine — shipped as inline alpha2 YAML in the api-evangelist repository and published to the apis.io capability catalog.
Tyk Gateway General (API Definitions)
gateway-general
CRUD over Tyk Gateway API definitions — the core surface where Naftiko-authored REST adapters land as gateway-routed APIs.
Tyk OAS APIs
gateway-tyk-oas-apis
Manage Tyk OAS APIs (OpenAPI 3 + Tyk extensions) — the modern OAS-native direction Tyk is moving toward. Naftiko emits OAS APIs from its spec layer.
Tyk Gateway Keys
gateway-keys
Session and key management at the gateway — the unit Naftiko maps to a Fleet customer / agent identity for gateway-routed traffic.
Tyk Gateway Policies
gateway-policies
Policy CRUD — the governance primitive (quotas, rate limits, auth methods, access rights) Naftiko issues from its declared capability spec.
Tyk Gateway OAuth
gateway-oauth
OAuth 2.0 client + token management at the gateway — the auth surface Naftiko routes consume-side OAuth through when Tyk holds the agent tokens.
Tyk Gateway Organisation Quotas
gateway-organisation-quotas
Organisation-level quota management — the multi-tenant boundary where Naftiko-issued cost-center labels map to gateway-enforced quotas.
Tyk Gateway Batch Requests
gateway-batch-requests
Batch request processing — the operation Naftiko-composed aggregate capabilities use to issue grouped upstream calls through a single gateway hop.
Tyk Gateway Hot Reload
gateway-hot-reload
Hot reload of gateway configuration (full + per-node) — the operation Naftiko triggers to land a new capability-derived API definition without restarting the gateway.
Tyk Gateway Certs
gateway-certs
Certificate management at the gateway — the mTLS + cert lifecycle surface Naftiko's identity-governance roadmap binds to for upstream trust.
Tyk Gateway Health Checking
gateway-health-checking
Gateway health-check surface — Naftiko's OTel + Prometheus pipeline pulls this for per-capability health observability over the gateway runtime.
Tyk MDCB Dataplanes
mdcb-dataplanes
List connected MDCB data planes — the multi-region intelligence Naftiko Fleet pulls for cross-cluster capability topology mapping.
Tyk MDCB Config
mdcb-config
MDCB configuration status — the cross-region control plane surface Naftiko queries to understand how a published capability fans out across regions.
