What is an API gateway?

An API gateway is the single-entry point for defined back-end APIs and microservices (which can be both internal and external). Sitting in front of APIs, the gateway acts as protector, enforcing security and ensuring scalability and high availability.

API architecture

Let’s take a quick step back to understand how an API gateway fits into an API architecture. First, what’s an API architecture? Unlike API design, which focuses on why the API is being created, the outcome, and how it will be executed, API architecture is defining the entire methodology and process for running and exposing APIs. It encompasses the API gateway (and how API security, caching, orchestration will work), developing an API portal for API analysis, API documentation, marketing APIs, making sure they work with web/mobile applications, and defining how they are exposed to internal, partner, and third-party developers.

Having a complete API architecture will help your business with the entire API lifecycle management process.

API gateways are core infrastructure

Think of an API gateway platform as an application server, but for APIs. It is seen as the API runtime environment, and provides these core services:

  • API security
  • API protocol connectivity
  • API virtualization
  • API Scalability and elasticity
  • High availability
  • Manageability
  • Development simplicity

Since the core API infrastructure is provided, developers can focus on providing the application logic, and no longer need to build these services into their application.

Who is responsible for the API gateway platform and how is it administered?

There are two teams responsible for managing the platform: the operations team and the architecture team. Operations handles runtime management of message traffic, logs and alerts, and high availability. The security and systems architects define and manage the design-time policy, which determines the behavior of the API gateway platform.

There are five main stages in an API gateway administration lifecycle:

  1. Planning an API gateway system
  2. Installing API gateway components
  3. Configuring a domain
  4. Operating and managing the API gateway
  5. Upgrading the API gateway


    Learn about all the stages of full lifecycle API Management

    Learn More