An API Gateway provides a single and unified API entry point across one or more internal APIs. It mediates, routes, and invokes a respective endpoint after request verification, content filtering, authentication, and authorization. It is an essential element of cloud-native architecture. The API gateway hides the diversity of protocols from multiple background microservices. It provides a common API for each client and microservice. An API gateway is responsible for request routing, composition, and protocol translation. It also has other functionalities, such as authentication, monitoring, load balancing, caching, request shaping and management, and static response handling.
An API gateway can route requests either by proxying/routing requests to the appropriate microservice or by scattering them to multiple microservices.
An API gateway provides the following benefits:
- Clients don’t need to worry about resolving the location of each microservice instance
- It can provide a custom API for each client.
- It reduces unnecessary network round-trips. by enabling a client to make a single request for specific data from multiple microservices
- It provides the flexibility to merge two or more services as a single service, or even split a single service into two or more services
- It supports protocol diversity as well as client device diversity
- It can centralize cross-cutting concerns, such as security, monitoring, rate limiting etc.
On the other hand deploying an API gateway brings in certain limitations such as
- API are edge applications, which must be developed, deployed, and managed.
- It increases the response time due to additional processing at the gateway.
- It could become a single point of failure if the proper measures are not taken.
Another interesting aspect of API gateways is the ability to provide an interaction point which is optimized to the caller and redirect all callers to their optimized entry point. For. eg A mobile device may ideally want to get all information in a single API call rather than firing multiple API calls. At the same time a SPA web client may want to have a chatty interface and make multiple calls to get the same information. This distinction may be due to their network characteristics. This can be handled using an API gateway by using a pattern called Backed for Frontends ( BFF).