[DX-1774, TT-13333] Upstream

[andyo-tyk]

User description

Preview Link

https://deploy-preview-5746--tyk-docs.netlify.app/docs/nightly/basic-config-and-security/security/upstream-authentication/

Description

Upstream authentication

---

PR Type

Documentation

---

Description

• Added a new documentation page on upstream authentication, detailing various methods such as Mutual TLS, Token-based authentication, Basic Authentication, and OAuth 2.0.
• Provided configuration examples for setting up upstream authentication in Tyk OAS API definitions.
• Updated the documentation menu to include a new entry for "Upstream Authentication" and made title adjustments for consistency.

---

Changes walkthrough 📝

Relevant files

Documentation

upstream-authentication.md Add detailed upstream authentication documentation              tyk-docs/content/basic-config-and-security/security/upstream-authentication.md Added comprehensive documentation on upstream authentication methods. Included sections on Mutual TLS, Token-based authentication, Basic Authentication, and OAuth 2.0. Provided configuration examples for Tyk OAS API definitions. Explained usage of Tyk API Designer for setting up upstream authentication. +437/-0  menu.yaml Update menu structure for upstream authentication                tyk-docs/data/menu.yaml Updated menu titles for consistency (e.g., "MTLS" to "Mutual TLS"). Added new menu entry for "Upstream Authentication". Adjusted capitalization for "Authentication and Authorization". +11/-3

---

💡 PR-Agent usage: Comment /help "your question" on any pull request to receive relevant information

[github-actions]

PR Reviewer Guide 🔍

Here are some key observations to aid the review process:

⏱️ Estimated effort to review: 3 🔵🔵🔵⚪⚪

🧪 No relevant tests

🔒 Security concerns OAuth 2.0 Password Grant Usage: The use of OAuth 2.0 Password Grant is mentioned as supported for legacy systems, despite being discouraged in security best practices. This could potentially expose sensitive user credentials if not handled with extreme caution.

⚡ Recommended focus areas for review Documentation Clarity The documentation should clarify the use of deprecated or discouraged security practices, such as the OAuth 2.0 Password Grant, and provide clear warnings or alternatives. Link Validation Ensure all internal and external links are valid and lead to the correct resources. This includes checking for correct URL formatting and verifying that all referenced documents exist and are accessible.

[github-actions]

PR Code Suggestions ✨

No code suggestions found for the PR.

[netlify]

✅ PS. Pls add /docs/nightly to the end of url

Name	Link
🔨 Latest commit	3a035d3
🔍 Latest deploy log	https://app.netlify.com/sites/tyk-docs/deploys/674067e1f9555200087f047c
😎 Deploy Preview	https://deploy-preview-5746--tyk-docs.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify site configuration.

[netlify]

✅ PS. Pls add /docs/nightly to the end of url

Name	Link
🔨 Latest commit	cb00b05
🔍 Latest deploy log	https://app.netlify.com/sites/tyk-docs/deploys/6745a722c82d3f0008519a50
😎 Deploy Preview	https://deploy-preview-5746--tyk-docs.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify site configuration.

[sharadregoti]

Need an image that elaborate this text.

[andyo-tyk]

I agree - there are a lot of places where we need images (and can then remove some of my verbosity 😂 ). Given workload at the moment, can we add this later, for when this page is published publicly?

[sharadregoti]

I'll try to add it by EOD, If not then I'll merge it.