Tyk API Gateway
Okta integrates with Tyk in several different ways: Admin SSO: SSO from Okta into the Tyk admin dashboard via OIDC. Note: you must install Tyk Identity Broker as part of this process. Authentication (id token): Tyk can enforce OIDC access to an endpoint. Set Okta up as an OIDC provider and Tyk will check for a valid id token before passing on the request to an endpoint. Authorization: Tyk has a somewhat unique approach in that Tyk approaches authorization via jwt, which is different from many other API gateways. A jwt passed to Tyk must include a “policy id” claim. This policy id tells Tyk which Tyk policy is valid for that jwt. Tyk does not support extracting scopes from external jwts.