API Gateway
Definition
Service that manages and routes API requests between clients and backend services, ensuring security, monitoring, and performance optimization.
Use Cases
- The LEGO Group: Expose and secure backend services for digital commerce and customer experiences while scaling globally — Used AWS API Gateway as a managed entry point for APIs, integrating with AWS Lambda and other backend services, and applying authentication and traffic management policies (Improved scalability and operational efficiency by using managed API front-door capabilities instead of running custom gateway infrastructure)
- Expedia Group: Manage and secure large numbers of partner and internal APIs for travel booking workflows — Adopted an API management layer (commonly implemented with gateways and API management platforms) to centralize authentication, rate limiting, and routing to microservices (More consistent API governance and improved reliability for high-traffic API-driven experiences)
Provider Equivalents
- AWS: Amazon API Gateway
- Azure: Azure API Management
- GCP: Google Cloud API Gateway
- OCI: Oracle API Gateway
Frequently Asked Questions
- What's the difference between an API Gateway and a load balancer?
- A load balancer mainly distributes network traffic across servers (often at Layer 4 or Layer 7) to improve availability and performance. An API Gateway is API-aware: it can authenticate requests, enforce rate limits/quotas, validate tokens, transform requests/responses, route by path/version, and provide API analytics—then forward the request to the right backend.
- When should I use an API Gateway?
- Use an API Gateway when you have multiple backend services (microservices), need a single stable endpoint for clients, or want centralized controls like authentication/authorization, throttling, request logging, versioning, and caching. It’s especially useful for mobile/web apps, partner APIs, and serverless backends where you want consistent security and traffic policies without building them into every service.
- How much does API Gateway cost?
- Costs are typically usage-based. Common pricing factors include number of API calls/requests, data transferred out, optional caching, and features like custom domains or advanced security. Azure API Management often has tier-based pricing (developer/basic/standard/premium) plus capacity units, while AWS/GCP/OCI gateways commonly charge per request plus data transfer. Always estimate with the provider’s pricing calculator using expected request volume and payload sizes.
Category: software
Difficulty: intermediate
Related Terms
See Also