What is an API Gateway?

August 02, 2022

Alisdair Broshar

Alisdair Broshar
@alisdairbroshar

4 min read

An API gateway is a server that sits between your backend services and your users. It provides an abstraction layer that helps you manage the communication between clients and your services.

API gateways are a single point of entry into a microservices application and they work like a reverse proxy: They receive API calls from clients, route them to the right microservices in the backend, and return aggregated responses to clients. To learn about how they work, check out our post API Gateways: Improving performance, security and management of microservices.

API gateways

API Gateway Use Cases

While clients could make direct calls to backend services, this design quickly runs into complexities as the number of services in the application grows. There are many different ways you can use API gateways. Here are a few examples of how they are typically used:

  • Analytics and monitoring: Since your API gateway resides between your users and your backend services, you can use it to collect detailed statistics about how your services are being used.
  • Manage versions: You can use an API gateway to update, add, and retire services to your app without affecting your users' experience. Unlike direct client-to-microservice communication, all client requests pass through your API gateway, which directs these requests to the new or modified services.
  • Bundle responses: A request to an API gateway can trigger several calls to mulitple microservices. With an API gateway, you can group all of the responses from these different services, which provides a seamless experience for your users.
  • Monetize APIs: If you are looking to generate revenue with your application, one way you can do this is to use an API gateway to charge users fees to access certain API endpoints of your application.
  • Return faster responses: With an API gateway, you can return cached responses for certain requests, providing a faster response time for those client requests.
  • Perform authentication: API gateways can authenticate the requests for your services.
  • Rate-limiting: By configuring rate-limiting, you can protect your services against overuse or DoS attacks by limiting the number of requests that can be made to your services.
  • Security: You can use your API gateway to protect internal traffic by using it as a gatekeeper.

3 things to consider when using an API gateway

  1. Avoid a single point of failure - If an API gateway is a single point of entry, it is also a single point of failure. You can work around this by scaling API gateways horizontally, so traffic will be load-balanced across services.
  2. How to scale your API - API gateways need to scale as your app grows. Make sure to provision additional servers to handle spikes in API gateway traffic or consider using serverless platforms like Koyeb to manage this for you.
  3. Managing routing complexity - Likewise, as the number of services in your app grows, your routing logic can become increasingly complicated. Since microservice architectures aim to maximize the benefits of decoupling, be aware of using an API gateway to aggregate your services to the point your app resembles a monolith. In a majority of cases, you can work around this by grouping microservices according to client type and business logic.

Benefits of using an API gateway

Finally, here are some of the upsides to using an API gateway:

  1. Decoupled API endpoints make for smooth releases: Since an API gateway is a layer of abstraction, you can update and retire microservices without disrupting your users' experience.
  2. Offer a great user experience across client devices: An API gateway enables you to provide users with a seamless experience regardless of which device they use to access your service.
  3. Improve performance: An API gateway can mitigate an issue in the backend by returning either cached or default responses to your users. This creates a more reliable experience for your users.
  4. Keep services available with rate-limiting: With rate-limiting, you can manage API calls and protect your internal system from too much loading.
  5. Build protocol-rich applications: Since API gateways can translate different protocols, you can build applications with all the different protocols your services need.

More on API Gateways

If you want to read more about API gateways, read our more comprehensive blog post to find out more about they improve the performance, security and management of miroservices architectures.

Want to learn how to use an API gateway on Koyeb? Take a look at this guide that showcases how to use the Kong API Gateway on Koyeb.