Skip to content

What is an API Gateway?

Posted on:June 1, 2023 at 03:22 PM

Table of Contents

Open Table of Contents

API Gateway

An API gateway is an API management tool that is an intermediary between a client and a collection of back-end services.

An API gateway acts as a reverse proxy that accepts all API calls, collects the various services required to fulfill the calls, and returns the appropriate result.

API Gateway Illustration Image

Although an API gateway includes most of the functions found in a reverse proxy like routing, caching, and load balancing, it differs from a reverse proxy by way of its ability to address system-wide concerns.

System Concerns

Some of the system wide concerns that an API Gateway seeks to address include:

Case Analysis

An API gateway is expected to handle all tasks involved in accepting and processing thousands of concurrent API calls, including traffic management, access control, CORS support, authorization and authentication, throttling, monitoring, and API version management.

Case: You have an application that uses the microservices architecture pattern. For example, a product’s details data is spread over multiple services such as product information service, pricing service, order service, etc. However, the code that displays the details of this product needs to fetch information from all these individual services.

Problem: How will the clients of a microservice-based application access all these independent services?

Solution: The implementation of an API gateway would provide a single-entry point for all clients. Requests are handled by either proxying/routing them to the appropriate service or by handling other requests by spreading out to multiple services.

Expected blockers: Building an API gateway carries with it increased development complexity as it has to be built, deployed and managed as part of the system.

Implementation issues: An event-driven/reactive approach is the best implementation if it scales to handle high loads. On Java Virtual Machine (JVM), NIO-based (New Input/Output) libraries like Netty, Spring Reactor, etc are sensible to use. NodeJS is also another sensible option.

Common Features

  1. Security
  1. Authentication and authorization
  1. Traffic management
  1. API traffic observability
  1. Acceleration
  1. Collaboration

Benefits of API Gateways

  1. Centralizing processes and configuration in an API gateway ensures that security and availability issues are addressed sufficiently.
  1. Embedded developer portals with OpenAPI specifications such as Swagger can be used to easily document an API, thus increase developer poductivity and enhance collaboration.

Implementation Considerations

Architectural Considerations

An API gateway solution should not drive the architecture of microservices. Features, configurations, and solutions of an API gateway should only be deployed when they are needed to improve the microservices architecture.They are therefore not supposed to drive the architecture as building around niche features complicates the application.

Logs and Metrics

Diligent logs and metrics should be considered and implemented appropriately. Proper analysis of logs and metrics of APIs can save time when performance issues arise.

API Governance

Internal API governance should not be overlooked. API governance responsibilities include;

Internal Considerations

Internal promotion of adoption of API gateway should be carried out comprehensively. API gateways often add complexity to the architecture of an application as it introduces new behaviors, processes, etc.

Teams need to be onboarded to raise their awareness of new concepts for a successful adoption process.

What Next?

In the next blog series, I will build a sample API Gateway for microservices.

I will use Eureka for microservice discovery and follow an event-driven architecture.