API Gateway

An API Gateway is a software gateway system that can support API management tasks through API request routing, API security enforcement, and API traffic control.

• AKA: API Management Gateway, API Proxy, API Front Door.
• Context:
  • It can (typically) route API Requests through API routing rules.
  • It can (typically) enforce API Authentications through API security protocols.
  • It can (typically) implement API Rate Limitings through API throttling mechanisms.
  • It can (typically) transform API Messages through API transformation rules.
  • It can (typically) aggregate API Responses through API composition patterns.
  • ...
  • It can (often) cache API Response Datas through API caching strategys.
  • It can (often) monitor API Performance Metrics through API analytics systems.
  • It can (often) balance API Traffic Loads through API load distribution algorithms.
  • It can (often) validate API Request Formats through API schema validation.
  • ...
  • It can range from being a Simple API Gateway to being a Complex API Gateway, depending on its API management sophistication.
  • It can range from being a Single-Purpose API Gateway to being a Multi-Purpose API Gateway, depending on its API functional scope.
  • It can range from being a Centralized API Gateway to being a Distributed API Gateway, depending on its API architectural pattern.
  • ...
  • It can integrate with Backend Services for API request fulfillment.
  • It can connect to Identity Providers for API authentication verification.
  • It can interface with Monitoring Systems for API observability.
  • It can support Developer Portals for API documentation access.
  • It can synchronize with Service Registrys for API service discovery.
  • ...
• Example(s):
  • Cloud Provider API Gateways, such as:
    • AWS API Gateways, such as:
      • AWS REST API Gateway for REST API management.
      • AWS HTTP API Gateway for HTTP API routing.
      • AWS WebSocket API Gateway for WebSocket connection management.
    • Azure API Gateways, such as:
      • Azure API Management for enterprise API governance.
      • Azure Application Gateway for web application API routing.
    • Google Cloud API Gateways, such as:
      • Google Cloud API Gateway for serverless API management.
      • Google Cloud Endpoints for API framework integration.
  • Open Source API Gateways, such as:
    • Kong API Gateways, such as:
      • Kong Open Source Gateway for plugin-based API management.
      • Kong Enterprise Gateway for enterprise API features.
    • Apache API Gateways, such as:
      • Apache APISIX for dynamic API routing.
      • Apache Zuul for JVM-based API gateway.
  • Specialized API Gateways, such as:
    • GraphQL API Gateways, such as:
      • Apollo Gateway for GraphQL federation.
      • Hasura GraphQL Gateway for database API generation.
    • Service Mesh API Gateways, such as:
      • Istio Gateway for service mesh ingress.
      • Linkerd Gateway for lightweight service routing.
  • ...
• Counter-Example(s):
  • Load Balancers, which distribute network traffic without API-specific management features.
  • Reverse Proxys, which forward HTTP requests without API management capabilitys.
  • Web Application Firewalls, which filter web traffic without API routing functionality.
  • Message Brokers, which handle asynchronous messages rather than synchronous API requests.
• See: API Management System, Software Gateway System, API, Microservices Architecture, Service-Oriented Architecture, API Gateway Capacity Model.