From 947f090442498e498775149205f754eb4214fd00 Mon Sep 17 00:00:00 2001 From: Andy Ost Date: Tue, 25 Nov 2025 18:10:04 +0000 Subject: [PATCH 1/2] Added docs for Dashboard API endpoint --- .../jwt-signature-validation.mdx | 21 ++++++++++++------- 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/api-management/authentication/jwt-signature-validation.mdx b/api-management/authentication/jwt-signature-validation.mdx index e344cbf32..f82a86d74 100644 --- a/api-management/authentication/jwt-signature-validation.mdx +++ b/api-management/authentication/jwt-signature-validation.mdx @@ -228,24 +228,29 @@ Tyk Classic APIs continue to use the existing JWKS caching behavior with the 240 ### JWKS Cache Management -New [Gateway API](/tyk-gateway-api) endpoints are available from **Tyk 5.10.0** to manage JWKS caches programmatically. These endpoints work for both Tyk OAS and Tyk Classic APIs: +Tyk Gateway and Dashboard APIs expose endpoints to manage JWKS caches programmatically for both Tyk OAS and Tyk Classic APIs: -| Endpoint | Method | Description | -| ------------------------- | -------- | ---------------------------------------- | -| `/tyk/cache/jwks` | `DELETE` | Invalidate JWKS caches for all APIs | -| `/tyk/cache/jwks/{apiID}` | `DELETE` | Invalidate JWKS cache for a specific API | +| Endpoint | Method | Description | Availability | +| ------------------------- | -------- | ---------------------------------------- | ------------ | +| `/tyk/cache/jwks` | `DELETE` | Invalidate JWKS caches for all APIs | Tyk 5.10.0+ | +| `/tyk/cache/jwks/{apiID}` | `DELETE` | Invalidate JWKS cache for a specific API | Tyk 5.10.0+ | +| `/api/cache/jwks/{apiID}` | `DELETE` | Invalidate JWKS cache for a specific API on all connected Gateways | Tyk 5.11.0+ | -**Note:** These endpoints are currently available only through the Tyk [Gateway API](/tyk-gateway-api) and are not yet extended to the Tyk [Dashboard API](/tyk-dashboard-api). +Note: The Dashboard API endpoint is restricted to users with `admin` privileges and can only be used to flush the cache for APIs in the user's [Organisation](/tyk-dashboard-api#organisations%2C-apis-and-users). **Example usage:** ```bash # Flush all JWKS caches curl -X DELETE http://your-gateway:8080/tyk/cache/jwks \ - -H "x-tyk-authorization: your-secret" + -H "x-tyk-authorization: your-gateway-secret" # Flush JWKS cache for specific API curl -X DELETE http://your-gateway:8080/tyk/cache/jwks/your-api-id \ - -H "x-tyk-authorization: your-secret" + -H "x-tyk-authorization: your-gateway-secret" + +# Flush JWKS cache for specific API on all connected Gateways +curl -X DELETE http://your-dashboard:8080/api/cache/jwks/your-api-id \ + -H "authorization: your-dashboard-secret" ``` ## FAQ From e81db38b4a8f7919e448ccdf00ce96bdffdb8559 Mon Sep 17 00:00:00 2001 From: Master Date: Thu, 27 Nov 2025 11:43:36 +0530 Subject: [PATCH 2/2] Update api-management/authentication/jwt-signature-validation.mdx --- api-management/authentication/jwt-signature-validation.mdx | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/api-management/authentication/jwt-signature-validation.mdx b/api-management/authentication/jwt-signature-validation.mdx index f82a86d74..68d0b614e 100644 --- a/api-management/authentication/jwt-signature-validation.mdx +++ b/api-management/authentication/jwt-signature-validation.mdx @@ -236,7 +236,9 @@ Tyk Gateway and Dashboard APIs expose endpoints to manage JWKS caches programmat | `/tyk/cache/jwks/{apiID}` | `DELETE` | Invalidate JWKS cache for a specific API | Tyk 5.10.0+ | | `/api/cache/jwks/{apiID}` | `DELETE` | Invalidate JWKS cache for a specific API on all connected Gateways | Tyk 5.11.0+ | -Note: The Dashboard API endpoint is restricted to users with `admin` privileges and can only be used to flush the cache for APIs in the user's [Organisation](/tyk-dashboard-api#organisations%2C-apis-and-users). + +The Dashboard API endpoint is restricted to users with `admin` privileges and can only be used to flush the cache for APIs in the user's [Organisation](/tyk-dashboard-api#organisations%2C-apis-and-users). + **Example usage:** ```bash