API Gateway Pattern
Pattern providing a single entry point for multiple microservices, handling routing, authentication, rate limiting, and response aggregation.
seed#api-gateway#pattern#microservices#routing#aggregation
What it is
The API Gateway pattern provides a single entry point for clients needing to access multiple microservices. Instead of the client knowing and calling each service, the gateway routes, aggregates, and transforms requests.
Responsibilities
- Routing: direct requests to the correct service
- Authentication/Authorization: verify identity centrally
- Rate limiting: protect services from overload
- Aggregation: combine responses from multiple services
- Transformation: adapt formats between client and services
- Caching: cache frequent responses
Implementations
| Gateway | Type | Strength | Limitation |
|---|---|---|---|
| AWS API Gateway | Managed | Native Lambda integration, no infrastructure | Added latency, per-request cost |
| Kong | Open source / managed | Extensible plugins, multi-cloud | Operational complexity |
| NGINX | Open source | Extreme performance, flexible configuration | No native API management features |
| Envoy | Open source | L7 proxy, base for service meshes | Steep learning curve |
| Traefik | Open source | Auto-discovery with Docker/K8s | Less mature for complex APIs |
Anti-patterns
- Gateway containing business logic
- Gateway as bottleneck (single point of failure)
- Too much aggregation in the gateway
Why it matters
The API gateway centralizes cross-cutting concerns — authentication, rate limiting, transformation — that would otherwise be duplicated in every microservice. It is the control point that simplifies both operations and the API consumer experience.
References
- API Gateway Pattern — Chris Richardson, 2014. Original pattern.
- API Gateway — Azure — Microsoft, 2024. Pattern implementation guide.
- Kong Gateway — Kong, 2024. High-performance open source API gateway.