API Gateway Responsibilities

Mausumi Ranasingh
Mar 23, 2024

API Gateway Overview:

  • The API gateway is the entry point to all of your internal APIs or services. When a client sends a request to your system, it sends it through the gateway instead of directly to the individual service.
  • The gateway will forward the request to the targeted service.
  • Before transmitting the request to the targeted service, the gateway will do some work such as authentication, authorization, payload validation, analysis, or transformations on the headers or the payload.
  • The API gateway helps in communication between microservices.

Best way to implement an API gateway in the microservices world:

  • Dividing responsibilities.
  • The API gateway can take care of a minimal set of responsibilities, and small microservices can be used for responsibilities such as authentication, authorization, monitoring, routing, logging and tracing.

Routing:

  • API Gateway acts as a single entry point for all the clients.
  • API Gateway routes incoming requests to different services based on rules defined.

Load Balancing:

  • It balances the requests across various instances for optimal use of resources.
  • This helps in handling varying levels of traffic efficiently and prevents overload on any single service instance.

Authentication:

  • The API gateway handles authentication of all requests, which establishes security for the services.
  • There can be different mechanisms for authentication, such as local authentication, AD/LDAP-based authentication, SAML authentication and cookie-based authentication.

Authorization:

  • API gateway takes care of authorization of the request.
  • For each request, the gateway checks the permissions of the user or group. Once allowed, the gateway proceeds to resolving the request.
  • In case of an error, a 403 response is returned to the client.

Rate Limiting:

  • API gateway takes care of rate limiting.
  • This ensures security in the system.
  • The API gateway controls the number of requests a client can make to an API within a certain period of time.
  • This helps prevent abuse of the APIs.

Request Resolver:

  • After basic authentication passes, the request moves on to be resolved by the gateway.
  • The gateway will read the URL to match the request with the gateway route configuration.
  • The gateway will check whether the request endpoint and the method are valid.
  • If there’s no problem with the request, it’ll be ready to be forwarded to the targeted service.
  • If no matching route is available in the gateway, a 404 error will be served to the client.
  • Then, the gateway creates a log entry recording that a new valid request is going through the gateway.

Request Parsing:

  • Once the request is sent to the API gateway, the gateway will validate the request body.
  • Validation is done against the schema of the API (the YAML/JSON definition of the API).
  • Once validation is complete, the gateway will parse the JSON body into a model.

Response Parsing:

  • The gateway also helps parse the response based on the API definition (schema/YAML definition) before sending the response to clients.
  • In certain cases it adds certain HTTP headers as well.

Forward The Request:

  • The gateway forwards the request to the service after validation and request parsing are done.
  • The gateway also converts the model to a format understandable by the respective service.
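
The checks described in the sections above, chained in the order the article lists them, as an added sketch that is not from the original article or from any particular gateway product. The token, permission and route tables, the sliding-window limit, and the 401, 429 and 400 status codes are assumptions; the article itself names only 403 and 404.

```python
import time
from collections import defaultdict, deque

# All tables below are constructed sample data, not from any real gateway.
TOKENS = {"tok-alice": ("alice", "users"), "tok-root": ("root", "admins")}
PERMISSIONS = {"users": {("POST", "/orders")}, "admins": {"*"}}
ROUTES = {("POST", "/orders"): {"upstream": "order-service",
                                "schema": {"item": str, "qty": int}}}
RATE_LIMIT, WINDOW_SECONDS = 3, 60.0   # assumed policy: 3 requests per minute
_hits = defaultdict(deque)             # user -> timestamps of recent requests


def rate_limited(user, now):
    """Sliding-window counter: True once the user exceeds RATE_LIMIT."""
    window = _hits[user]
    while window and now - window[0] >= WINDOW_SECONDS:
        window.popleft()
    if len(window) >= RATE_LIMIT:
        return True
    window.append(now)
    return False


def valid_body(body, schema):
    """Exact field set and exact types; unknown fields are rejected."""
    return (isinstance(body, dict) and body.keys() == schema.keys()
            and all(type(body[k]) is t for k, t in schema.items()))


def handle(method, path, token, body, now=None):
    """Return (status, detail) after running the gateway checks in order."""
    now = time.monotonic() if now is None else now
    identity = TOKENS.get(token)
    if identity is None:                       # authentication
        return 401, "unauthenticated"
    user, group = identity
    allowed = PERMISSIONS.get(group, set())
    if "*" not in allowed and (method, path) not in allowed:
        return 403, "forbidden"                # authorization
    if rate_limited(user, now):                # rate limiting
        return 429, "too many requests"
    route = ROUTES.get((method, path))         # request resolver
    if route is None:
        return 404, "no such route"
    if not valid_body(body, route["schema"]):  # request parsing
        return 400, "body does not match schema"
    return 200, f"forwarded to {route['upstream']}"   # forward the request
```

Because authorization runs before route resolution here, a caller without permission gets 403 for unknown paths too, so only a caller with broad permissions can learn from a 404 that a route does not exist.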

Monitoring and Analytics:

  • API gateways can capture logs related to incoming requests and responses and provide insights about the usage patterns, performance and health of the service.
  • This data is invaluable for troubleshooting, capacity planning and optimizing the request.

Caching:

  • To improve performance and reduce latency, the API gateway can cache the responses from the backend services and serve them to clients for identical subsequent requests.
  • This reduces the load on backend services and improves overall system responsiveness.

Logging and Tracing:

  • The API gateway logs each and every incoming request and response, and any errors and exceptions encountered during request processing.
  • This aids debugging, auditing and compliance.
  • It may integrate with distributed tracing systems to provide end-to-end visibility into request flows across multiple services.
