← All Concepts
Architecture
API Gateway
A single entry point for all client requests that handles cross-cutting concerns like auth, rate limiting, and routing.
**API Gateway** is a reverse proxy that sits between clients and backend services.
**Responsibilities:**
- **Request routing**: Route to appropriate microservice
- **Authentication/Authorization**: Validate tokens, API keys
- **Rate limiting**: Throttle requests per client
- **Load balancing**: Distribute across service instances
- **Request/response transformation**: Format conversion, aggregation
- **Caching**: Cache frequent responses
- **Monitoring**: Logging, metrics, tracing
- **Circuit breaking**: Prevent cascading failures
**Patterns:**
- **Backend for Frontend (BFF)**: Separate gateway per client type (web, mobile)
- **Aggregation**: Combine multiple service responses into one
- **Protocol translation**: REST to gRPC, HTTP to WebSocket
**Common tools:** Kong, AWS API Gateway, Nginx, Envoy, Traefik.
Common Use Cases
- Microservices architecture entry point
- Mobile app backend (BFF pattern)
- Third-party API management
- Legacy system modernization (facade)
Advantages
- +Centralizes cross-cutting concerns
- +Simplifies client code (single endpoint)
- +Enables independent service evolution
- +Provides consistent auth and rate limiting
Disadvantages
- -Single point of failure if not properly redundant
- -Adds latency (extra network hop)
- -Can become a development bottleneck
- -Over-centralization can reduce team autonomy