Tyk and the Quiet Superpower of Extending OpenAPI
Tyk extends the OpenAPI specification using a single vendor extension key x-tyk-api-gateway at the root of an OpenAPI 3 document. This extension organizes all gateway configuration into four sections — info, server, upstream, and middleware — plus errorOverrides, keeping the standard OpenAPI portion clean and portable. The post walks through the full JSON Schema for the extension and a comprehensive working example covering token auth, CORS, rate limiting, request validation, mock responses, URL rewrites, and per-operation middleware tied to OpenAPI operationIds. The approach enables GitOps-style declarative API operations: all configuration lives in one version-controlled, schema-validated file alongside the API definition, eliminating drift between spec and gateway config.