Merge branch 'master' into release.5.7.2-rn

tyk-docs/content/advanced-configuration/compose-apis/demo-virtual-endpoint.md

@@ -22,7 +22,7 @@ For instruction on how to configure the Virtual Endpoint middleware for your API
 
 ## Example 1: Accessing Tyk data objects
 
-In this example, we demonstrate how you can access different [external Tyk objects]({{< ref "plugins/supported-languages/javascript-middleware/middleware-scripting-guide#accessing-external-and-dynamic-data" >}}) (API request, session key, API definition).
+In this example, we demonstrate how you can access different [external Tyk objects]({{< ref "api-management/plugins/javascript#accessing-external-and-dynamic-data" >}}) (API request, session key, API definition).
 
 1. Enable the Virtual Endpoint middleware on an endpoint of your API and paste this JavaScript into the API Designer (or save in a file and reference it from the middleware config):
 
@@ -79,7 +79,7 @@ time="" level=info msg="auth Header: <your-auth-header>" prefix=jsvm type=log-ms
 
 ## Example 2: Accessing custom attributes in the API Definition
 
-You can add [custom attributes]({{< ref "plugins/supported-languages/javascript-middleware/middleware-scripting-guide#adding-custom-attributes-to-the-api-definition" >}}) to the API definition and access these from within your Virtual Endpoint.
+You can add [custom attributes]({{< ref "api-management/plugins/javascript#adding-custom-attributes-to-the-api-definition" >}}) to the API definition and access these from within your Virtual Endpoint.
 
 1. Add the following custom attributes to your API definition:
 
@@ -251,7 +251,7 @@ Virtual Test ended
 
 ## Example 4: Aggregating upstream calls using batch processing
 
-One of the most common use cases for virtual endpoints is to provide some form of aggregate data to your users, combining the responses from multiple upstream service calls. This virtual endpoint function will do just that using the batch processing function from the [JavaScript API]({{< ref "plugins/supported-languages/javascript-middleware/javascript-api" >}})
+One of the most common use cases for virtual endpoints is to provide some form of aggregate data to your users, combining the responses from multiple upstream service calls. This virtual endpoint function will do just that using the batch processing function from the [JavaScript API]({{< ref "api-management/plugins/javascript#javascript-api" >}})
 
 ```js
 function batchTest(request, session, config) {

tyk-docs/content/advanced-configuration/compose-apis/virtual-endpoints.md

@@ -47,11 +47,11 @@ You will need to enable Tyk's JavaScript Virtual Machine by setting `enable_jsvm
 
 ## Scripting virtual endpoint functions
 
-The [middleware scripting guide]({{< ref "plugins/supported-languages/javascript-middleware/middleware-scripting-guide" >}}) provides guidance on writing JS functions for your virtual endpoints, including how to access key session data and custom attributes from the API definition.
+The [middleware scripting guide]({{< ref "api-management/plugins/javascript#using-javascript-with-tyk" >}}) provides guidance on writing JS functions for your virtual endpoints, including how to access key session data and custom attributes from the API definition.
 
 #### Function naming
 
-The virtual endpoint middleware will invoke a named function within the JS code that you provide (either inline or in a file). Both the filename and function name are configurable per endpoint, but note that function names must be unique across your API portfolio because all plugins run in the same virtual machine. This means that you can share a single function definition across multiple endpoints and APIs but you cannot have two different functions with the same name (this applies across all [JavaScript middleware components]({{< ref "plugins/supported-languages/javascript-middleware" >}})).
+The virtual endpoint middleware will invoke a named function within the JS code that you provide (either inline or in a file). Both the filename and function name are configurable per endpoint, but note that function names must be unique across your API portfolio because all plugins run in the same virtual machine. This means that you can share a single function definition across multiple endpoints and APIs but you cannot have two different functions with the same name (this applies across all [JavaScript middleware components]({{< ref "api-management/plugins/javascript#" >}})).
 
 Inline mode is mainly used by the dashboard to make code injection easier on multiple node deployments.
 

tyk-docs/content/advanced-configuration/transform-traffic.md

@@ -12,7 +12,7 @@ Within that chain are a highly configurable set of optional middleware that can,
 - apply processing to [API requests](#middleware-applied-to-the-api-request) before they are proxied to the upstream service
 - apply customization to the [API response](#middleware-applied-to-the-api-response) prior to it being proxied back to the client
 
-Tyk also supports a powerful custom plugin feature that enables you to add custom processing at different stages in the processing chains. For more details on custom plugins please see the [dedicated guide]({{< ref "plugins" >}}).
+Tyk also supports a powerful custom plugin feature that enables you to add custom processing at different stages in the processing chains. For more details on custom plugins please see the [dedicated guide]({{< ref "api-management/plugins/overview#" >}}).
 
 ## Middleware applied to the API Request
 

tyk-docs/content/advanced-configuration/websockets.md

@@ -54,4 +54,4 @@ An example Header configuration for using an Authentication Token with an API:
 
 {{< img src="/img/dashboard/system-management/websocket-auth-token.png" alt="Postman WebSocket Connection Result with Authorization token" >}}
 
-See the [Access an API]({{< ref "/content/getting-started/create-api-key.md" >}}) tutorial for details on adding an Authentication Token to your APIs.
+See the [Access an API]({{< ref "getting-started/create-api-key" >}}) tutorial for details on adding an Authentication Token to your APIs.

tyk-docs/content/api-management/api-versioning.md

@@ -131,7 +131,7 @@ This is easy to do with Tyk. You can include the deprecated endpoint in the new
 
 Tyk's access control model supports very granular permissions to versioned APIs.
 
-You can explicitly grant access to specific version(s) of an API by specifying only those version(s) in the [key]({{< ref "tyk-apis/tyk-gateway-api/token-session-object-details" >}}) (also known as an *authorization token*, *bearer token*, *access token*, *API token* or *token session object* - see [here]({{< ref "/api-management/client-authentication#use-auth-tokens" >}})).
+You can explicitly grant access to specific version(s) of an API by specifying only those version(s) in the [key]({{< ref "tyk-apis/tyk-gateway-api/token-session-object-details" >}}) (also known as an *authorization token*, *bearer token*, *access token*, *API token* or *token session object* - see [here]({{< ref "api-management/client-authentication#use-auth-tokens" >}})).
 
 <br>
 {{< note success >}}
@@ -158,7 +158,7 @@ If you're using the legacy Tyk Classic APIs, then check out the [Tyk Classic]({{
 
 ### Controlling access to Tyk OAS API versions
 
-You can explicitly grant access to specific version(s) of an API by specifying the individual API definitions for each version in the [key]({{< ref "tyk-apis/tyk-gateway-api/token-session-object-details" >}}) (also known as an *authorization token*, *bearer token*, *access token*, *API token* or *token session object* - see [here]({{< ref "/api-management/client-authentication#use-auth-tokens" >}})).
+You can explicitly grant access to specific version(s) of an API by specifying the individual API definitions for each version in the [key]({{< ref "tyk-apis/tyk-gateway-api/token-session-object-details" >}}) (also known as an *authorization token*, *bearer token*, *access token*, *API token* or *token session object* - see [here]({{< ref "api-management/client-authentication#use-auth-tokens" >}})).
 
 When using Tyk OAS APIs there are some subtleties to the propagation of access control between versions of an API:
 - each version of an API is treated individually by Tyk Gateway, so access must be explicity granted for each version
@@ -354,7 +354,7 @@ If you're using Tyk Operator then check out the [configuring API versioning in T
 
 ### Controlling access to Tyk Classic API versions
 
-You can explicitly grant access to specific version(s) of an API by specifying only those version(s) in the [key]({{< ref "tyk-apis/tyk-gateway-api/token-session-object-details" >}}) (also known as an *authorization token*, *bearer token*, *access token*, *API token* or *token session object* - see [here]({{< ref "/api-management/client-authentication#use-auth-tokens" >}})).
+You can explicitly grant access to specific version(s) of an API by specifying only those version(s) in the [key]({{< ref "tyk-apis/tyk-gateway-api/token-session-object-details" >}}) (also known as an *authorization token*, *bearer token*, *access token*, *API token* or *token session object* - see [here]({{< ref "api-management/client-authentication#use-auth-tokens" >}})).
 
 ### Configuring API versioning in the Tyk Classic API Definition
 

tyk-docs/content/api-management/automations/operator.md

@@ -255,8 +255,8 @@ To address this challenge, Tyk Operator allows you to directly reference certifi
 
 We assume you have already installed Tyk. If you don’t have it, check out [Tyk
 Cloud]({{<ref "tyk-cloud#quick-start-tyk-cloud">}}) or [Tyk Self
-Managed]({{<ref "/getting-started/installation">}}) page. [Tyk Helm
-Chart]({{<ref "/product-stack/tyk-charts/overview">}}) is the preferred (and easiest) way to install Tyk on Kubernetes.
+Managed]({{<ref "getting-started/installation">}}) page. [Tyk Helm
+Chart]({{<ref "product-stack/tyk-charts/overview">}}) is the preferred (and easiest) way to install Tyk on Kubernetes.
 
 In order for policy ID matching to work correctly, Dashboard must have `allow_explicit_policy_id` and
 `enable_duplicate_slugs` set to `true` and Gateway must have `policies.allow_explicit_policy_id` set to `true`.
@@ -1349,9 +1349,9 @@ spec:
 
 #### Custom Plugin Auth (go)
 
-This configuration uses a [Golang plugin]({{<ref "plugins/supported-languages/golang">}}) for custom authentication. The following example shows how to create an API definition with a Golang custom plugin for `httpbin-go-auth`.
+This configuration uses a [Golang plugin]({{<ref "api-management/plugins/golang#">}}) for custom authentication. The following example shows how to create an API definition with a Golang custom plugin for `httpbin-go-auth`.
 
-For an example of Golang authentication middleware, see [Performing custom authentication with a Golang plugin]({{<ref "product-stack/tyk-gateway/advanced-configurations/plugins/golang/go-plugin-examples#performing-custom-authentication-with-a-golang-plugin">}}).
+For an example of Golang authentication middleware, see [Performing custom authentication with a Golang plugin]({{<ref "api-management/plugins/golang#performing-custom-authentication-with-a-golang-plugin">}}).
 
 ```yaml {hl_lines=["7-7", "14-21"],linenos=false}
 apiVersion: tyk.tyk.io/v1alpha1
@@ -1379,7 +1379,7 @@ spec:
 
 #### Custom Plugin Auth (gRPC)
 
-This configuration uses a [gRPC plugin]({{<ref "plugins/supported-languages/golang">}}) for custom authentication. The following example shows how to create an API definition with a gRPC custom plugin for `httpbin-grpc-auth`.
+This configuration uses a [gRPC plugin]({{<ref "api-management/plugins/golang#">}}) for custom authentication. The following example shows how to create an API definition with a gRPC custom plugin for `httpbin-grpc-auth`.
 
 For a detailed walkthrough on setting up Tyk with gRPC authentication plugins, refer to [Extending Tyk with gRPC Authentication Plugins](https://tyk.io/blog/how-to-setup-custom-authentication-middleware-using-grpc-and-java/).
 

tyk-docs/content/api-management/client-authentication.md

@@ -2460,14 +2460,14 @@ The following algorithms are supported:
 #### Go Plugins
 
 Go Plugin Authentication allows you to implement custom authentication logic using the Go programming language. This method is useful for scenarios where you need to implement specialized authentication mechanisms that are not natively supported by Tyk.
-To learn more about using Tyk Golang Plugins, go [here](/plugins/supported-languages/golang/#supported-plugin-types)
+To learn more about using Tyk Golang Plugins, go [here]({{< ref "api-management/plugins/golang" >}})
 
 #### Use Python CoProcess and JSVM Plugin Authentication
 
 Tyk allows for custom authentication logic using Python and JavaScript Virtual Machine (JSVM) plugins. This method is useful for implementing unique authentication mechanisms that are tailored to your specific requirements.
 
-* See [Custom Authentication with a Python plugin]({{< ref "plugins/supported-languages/rich-plugins/python/custom-auth-python-tutorial" >}}) for a detailed example of a custom Python plugin.
-* See [JavaScript Middleware]({{< ref "plugins/supported-languages/javascript-middleware" >}}) for more details on using JavaScript Middleware. 
+* See [Custom Authentication with a Python plugin]({{< ref "api-management/plugins/rich-plugins#custom-authentication-plugin-tutorial" >}}) for a detailed example of a custom Python plugin.
+* See [JavaScript Middleware]({{< ref "api-management/plugins/javascript#" >}}) for more details on using JavaScript Middleware. 
 
 ### Open (No Authentication)
 

tyk-docs/content/api-management/dashboard-configuration.md

@@ -118,19 +118,19 @@ The Dashboard exposes two APIs:
 
     To know more about Dashboard APIs, refer the following documents:
     - [Postman / Swagger / Open API specification]({{< ref "tyk-dashboard-api" >}})
-    - [Dashboard API Usage Examples]({{< ref "" >}})
+    - [Dashboard API Usage Examples]({{< ref "#dashboard-api-resources-and-usage" >}})
 
  - **Dashboard Admin API**: Is used for system-level administration and initial setup tasks like managing organizations, initial user creation, backups/migrations and SSO setup. 
 
     To know more about Dashboard Admin APIs, refer the following documents:
     - [Postman / Swagger / Open API specification]({{< ref "dashboard-admin-api" >}})
-    - [Dashboard Admin API Usage Examples]({{< ref "" >}})
+    - [Dashboard Admin API Usage Examples]({{< ref "#dashboard-admin-api-resources-and-usage" >}})
 
 ### Authenticating with Dashboard APIs
 
 **Dashboard API**
 
-The [Tyk Dashboard API]({{< ref "tyk-dashboard-api.md" >}}) is secured using an `Authorization` header that must be added to each request that is made. The **Tyk Dashboard API Access Credentials** `Authorization` key can be found within the Dashboard UI at the bottom of the **Edit User** section for a user.
+The [Tyk Dashboard API]({{< ref "tyk-dashboard-api" >}}) is secured using an `Authorization` header that must be added to each request that is made. The **Tyk Dashboard API Access Credentials** `Authorization` key can be found within the Dashboard UI at the bottom of the **Edit User** section for a user.
 
 **Dashboard Admin API**
 
@@ -2701,7 +2701,7 @@ In a production environment, you must change the default `admin_Secret` in the`t
 </br>
 {{< /warning >}}
 
-For the official Tyk Dashboard Admin API Reference, please visit our [API Documentation]({{< ref "dashboard-admin-api/" >}}).
+For the official Tyk Dashboard Admin API Reference, please visit our [API Documentation]({{< ref "dashboard-admin-api" >}}).
 
 ### Organizations API
 
@@ -3521,7 +3521,7 @@ The **Core Settings** tab provides access to configure basic settings for the AP
    - [Service Discovery]({{< ref "tyk-self-managed#service-discovery" >}})
 - [API Ownership]({{< ref "api-management/user-management#api-ownership" >}})
 - [API level rate limiting]({{< ref "api-management/rate-limit#configuring-the-rate-limiter-at-the-api-level" >}})
-- [Authentication]({{< ref "/api-management/client-authentication" >}})
+- [Authentication]({{< ref "api-management/client-authentication" >}})
 
 ### Versions
 
@@ -3988,7 +3988,7 @@ The use of the `#` qualifier to identify a category prevents the use of `#` in y
 {{< /note >}}
 
 ### Using API categories
-API categories can be added and removed from APIs within the [API Designer]({{< ref "#api-designer" >}}), via the [Tyk Dashboard API]({{< ref "#tyk-dashboard-api" >}}), or via [Tyk Operator]({{< ref "/api-management/automations/operator#what-is-tyk-operator" >}}).
+API categories can be added and removed from APIs within the [API Designer]({{< ref "#api-designer" >}}), via the [Tyk Dashboard API]({{< ref "#tyk-dashboard-api" >}}), or via [Tyk Operator]({{< ref "api-management/automations/operator#what-is-tyk-operator" >}}).
 
 #### API Designer
 The API Designer in the Tyk Dashboard UI provides a simple method for assigning APIs to categories, removing categories and filtering the API list by category.
@@ -4037,7 +4037,7 @@ These endpoints will return information for categories across all APIs in the sy
 
 #### Tyk Operator
 
-You can manage categories using Tyk Operator custom resources. Please refer to [Tyk Operator]({{<ref "/api-management/automations/operator#api-categories">}}) documentation to see how to manage API categories for Tyk OAS APIs and Tyk Classic APIs.
+You can manage categories using Tyk Operator custom resources. Please refer to [Tyk Operator]({{<ref "api-management/automations/operator#api-categories">}}) documentation to see how to manage API categories for Tyk OAS APIs and Tyk Classic APIs.
 
 ## Governance using API Templates
 

tyk-docs/content/api-management/external-service-integration.md

@@ -499,10 +499,10 @@ There is a simplified flow, which does not require a corresponding OAuth client
 
 ## SSO with OpenID Connect (OIDC)
 
-- Instruction on setting [SSO with Okta]({{< ref "" >}})
-- Instructions on setting [SSO with Auth0]({{< ref "" >}})
-- Instructions on setting [SSO with Keycloak]({{< ref "" >}})
-- Instructions on setting [SSO with AzureAD]({{< ref "" >}})
+- Instruction on setting [SSO with Okta]({{< ref "#oidc-with-okta" >}})
+- Instructions on setting [SSO with Auth0]({{< ref "#oidc-with-auth0" >}})
+- Instructions on setting [SSO with Keycloak]({{< ref "#oidc-with-keycloak" >}})
+- Instructions on setting [SSO with AzureAD]({{< ref "#oidc-with-azure-ad" >}})
 
 ### OIDC with Azure AD