05 - API Gateway Development

In the last post, we have seen the development of the Backend API which will help in handling the REST API Calls from the clients like Web/Mobile applications. However, we cannot expose the backend layer directly for clients' applications. Instead, we need to build a Gateway where all the calls are routed from clients and publicly exposed. This Gateway in turn will talk to individual APIs and return the data to the client. Following are some reasons why Gateway is required

  • the client applications don't need to understand the individual microservices. They just need to call the API Gateway, which will return the data
  • provides the ability to provide an optimal response to the client, like if the client is mobile it can provide a customized response and different responses for the web client.
  • reduce the number of requests between clients and APIs. the gateway can aggregate different information needs and provide a single response. Since Gateway and microservices are hosted in the same network the time taken will be relatively less than the individual calls between client and microservices
  • Provides the ability to introduce features like monetizing APIs and logging of APIs

There are some cons to having Gateway also. Following are some Cons:

  • Additional hop reduces performance to an extent, which is fine given the number of benefits included.
  • A compromised Gateway can open a box of security issues for the enterprise. So its important the API Gateway is secured.
  • Developers need to maintain API Gateway whenever they add/remove APIs.

There are many solutions available in the market from the leading cloud providers. However, for this project, we are going to develop an API Gateway internally by following the below-shown architecture.

image.png