Building and managing a microservices applications architecture in an API gateway is extremely useful – and in many cases necessary. The easiest way to describe an API gateway is to list of its basic functions:
- Serves as a single point of entry: An API gateway is a single point-of-entry (or “gateway”) for the group of APIs/microservices that sit behind it, basically serving as a one-stop-shop for all things API.
- Authenticates and limits access: By forcing APIs/microservices through a gateway, the API gateway administrator can authenticate external clients, impose access restrictions (such as read-only), apply volume limits, and more.
- Frees up developers to work more efficiently: Because the gateway takes care of so many miscellaneous tasks (authentication, authorization, database calls, connections to third-party services, etc), API/microservices developers can focus on building a stunning user interface, and on developing the specific microservices that contribute to their application architecture.
Below, we’ll go deeper into this topic by defining what API gateways are, how they work, their benefits, and outline some strategies for developing and building an API gateway of your own.
Use these links to navigate the guide:
- API Gateway Use Case Example
- How an API Gateway Speeds App Development
- How an API Gateway Works
- API Gateway Benefits
- DreamFactory’s API Gateway as a Service: Building Apps the Easy Way
Need an API for your Microservice? Did you know you can generate a full-featured, documented, and secure REST API in minutes using DreamFactory? Sign up for our free 14 day hosted trial to learn how! Our guided tour will show you how to create an API using an example MySQL database provided to you as part of the trial!
Build Your Microservice Now
1. API Gateway Use Case Example: Microservices Applications
Let’s begin with an example of an API gateway use-case for developers – where the API gateway facilitates rapid app development by serving as a one-stop-shop for all things API.
Imagine you’re creating a web app that presents employee/customer information through a clickable, interactive interface. To achieve this, your app needs to integrate with a handful of microservices, databases, and third-party systems. Here’s how an API gateway like DreamFactory speeds up development for these integrations:
Your app will use a third-party microservice application, Okta, to provide an authentication login screen. Okta takes care of passwords and data access privileges to grant different levels of access within the app.
Writing all of the code to integrate your app with Okta takes time, but you can bypass this coding time by configuring the DreamFactory API gateway to interface with Okta. DreamFactory will handle most of the code you would have to write. The only thing you have to write for the Okta integration is the code for the button that points to the DreamFactory API for the Okta service.
The DreamFactory API gateway handles the Okta integration and redirects the user to the Okta login screen. After entering the login details, Okta confirms the authentication, and DreamFactory forwards the user to the app interface to access the data.
In addition to Okta, DreamFactory includes prebuilt integrations for a wide variety of authentication services such as Azure Active Directory, Microsoft Live, Google, Facebook, LinkedIn, Salesforce and other authentication services.
After passing through the authentication wall, your app renders its main-page by drawing data from a MySQL database. Your app sends an AJAX request to the DreamFactory API endpoint for the MySQL database. DreamFactory sends the data to your app so it can render the information. The default request for the main-page shows the newest employees (sorted by hire date).
Clicking on a flyout lets the app user select additional data.
Clicking on “departments” sends an API call to the DreamFactory MySQL API, which renders the department selections. You can select a department – such as Marketing – to send another API call, which renders a list of employees for the marketing department. You can also build forms into your app that let you create, update, and delete information in the database.
Clicking on the “Customers” tab on the flyout sends another API call to the DreamFactory gateway. But this time, it sends a call to the DreamFactory API endpoint that manages the Salesforce integration. DreamFactory manages all of the code for that connection, retrieves the data, and sends it to your app, which renders a list of Salesforce client information. You can build forms to write new data to Salesforce just like you did with the MySQL database.
Custom-Scripted Service Integrations
Finally, clicking the “Map” link on the flyout sends a call to the DreamFactory API endpoint for Google Maps. DreamFactory manages all of the code for the connection to Google Maps and renders an interactive map of customer locations.
Although the Google Maps integration isn’t available per se on the list of DreamFactory integrations, this and many other custom-scripted service integrations are easily accessible by adding custom logic.
Key takeaways: An API gateway like DreamFactory can serve as an app developer’s “Swiss Army Knife” of service integrations, making the widest variety of custom APIs available to your app. This allows you to build functionality into your applications instantly with just a few lines of code – which ultimately translates into lightning-fast app development.
2. How an API Gateway Speeds App Development
Without an API gateway (or single point of entry), you’ll be hand-coding direct connections to the REST APIs for each of the services listed above. For decades, this has been an important and time-consuming part of coding applications.
Here’s why these direct client-to-microservices connections are inefficient:
- Unnecessary operational complexity: Directly integrating your app with multiple microservices means that you could be dealing with different types of APIs and messaging protocols. REST APIs with HTTP endpoints are preferred, but some microservices require more complex protocols, like AMQP. When you have to connect your app to many different types of APIs, developing it will be more time consuming, complicated, and expensive.
- Less pluggable microservices architecture: When clients connect directly to the individual microservices that form an application, it’s difficult to make changes to those microservices without disrupting client connections. For example, dividing one microservice into multiple microservices – or merging several microservices into one – could render the microservices architecture unusable by clients until they completely recode their connections.
- Slow API connections: If your app is calling numerous APIs separately, its data connections will be slower and less efficient than if it were calling all of the APIs through an API gateway’s single point of entry.
Instead of setting up countless direct app-to-microservices connections, which is highly inefficient, an API gateway allows your client to simply establish one connection to the gateway. The gateway offers microservices that authenticate the client and individual users’ access; APIs for pulling data from various databases and third-party services like Salesforce; and it can give developers the freedom to build an unlimited variety custom-scripted service integrations to virtually any service the app requires. In other words, the developer team can direct all of their API calls to the gateway, resulting in uniformity in terms of authentication, API keys, URI addressing, and more.
Key takeaways: An API gateway speeds up app development by giving developers instant access to a large variety of ready-made APIs. By delegating authentication, access control, and load balancing to the API gateway, developers can spend more time building a beautiful, well-functioning user interface. The API gateway also preserves the pluggability of a microservices architecture because developers can make changes behind the gateway with less risk of disrupting external client connections.
3. How an API Gateway Works with Microservices
An API gateway sits in front of a group of integrated microservices, offering a single point of connection that any external app or microservice can use. Essentially, it encapsulates the microservices so they can interact with third-party clients as an integrated unit. Instead of dealing with dozens or more APIs for different microservices, developers can work with one API for the API gateway, and thereby integrate with all the microservices that sit behind the API gateway.
To reinforce the API gateway concept, here’s how Novatec describes it:
Within a microservice architecture, the API gateway pattern suggests a wrapper around
your microservice landscape in order to expose a single API to the client thus providing
a single-entry point to your back-end infrastructure. The gateway may also expose
different kinds of APIs respective to different clients connecting to your application.
Additionally, an API gateway may implement cross-cutting concerns such as authorization, analytics and so on. (source)
The efficiency of a single point of entry also reduces the bandwidth requirements of third-party connections, which makes the client faster and more responsive. This is especially important when clients connect via mobile internet, which isn’t as fast as a physical LAN connection.
Here’s an image of an API gateway from Microservices.io:
When connected to an API gateway, a third-party client sends requests to the API gateway first. The API gateway authenticates the client and routes the messages to the relevant microservices. Next, the gateway performs any required protocol transformations. The gateway should be able to transform messages between HTTP, REST API, WebSocket, AMQP, Thrift binary RPC, and other formats as required. Finally, the gateway aggregates the replies from the microservices before returning them to the client.
As for the endpoints, API gateways usually need to expose a unique API for each type of third-party client/device that connects with it. This creates more work for API gateway administrators, but it’s necessary due to the diversity of third-party clients/devices that may need to connect with the gateway. Once API gateway developers publish an API for a specific type of client, that API can be duplicated and reused whenever that type of client/device needs to connect.
An API gateway can perform a wide variety of miscellaneous tasks for a microservices architecture:
- Authentication, authorization, and security
- Protocol translations
- Response transformations
- Static response handling
- Rate limiting
- Static response handling
- Load balancing
- Request routing
- Other processes depending on requirements
Key takeaways: An API gateway lets external clients only need to send one query to one API. After receiving the query, the API gateway manages all protocol transformations, routes the query to the appropriate microservices, aggregates the results, retransforms the protocol, and sends the query results back to the third-party client. Modern API gateways expose unique, customized APIs for the different types of third-party clients and devices that need to connect with it.
4. API Gateway Benefits
Using an API gateway brings the following advantages:
- Encapsulates a group of integrated microservices: Allows you to contain the integrated group of microservices that form a microservices-based application – so other apps and microservices can interact with them as a single unit.
- Manages a group of integrated microservices: Handles a wide variety of integration tasks for a group of microservices applications – such as authentication, authorization, protocol translations, response transformations, load balancing, and a great deal more.
- Provides a single point of entry: Offers a single point of contact for external apps, so they don’t need to establish multiple direct app-to-microservices connections when interacting with a microservices-based ecosystem.
- Simplifies external client/app code: Since the external client only needs to send one message at a time to a single API, the client’s code is much simpler.
- Offers a wide range of custom APIs: Provides a wide variety of specific, customized APIs for the different types of applications, microservices, and devices that need to establish connections with the architecture.
- Frees up developer time: By taking care of so many miscellaneous tasks, the API gateway frees developers to spend more time on perfecting the individual microservices.
Key takeaway: The numerous benefits of API gateways make them the first choice for encapsulating and managing integrations for a microservices-based architecture.
5. DreamFactory’s “API Gateway as a Service”: Building Apps the Easy Way
After reading this guide, you should have a clear understanding of how an API gateway facilitates app development with Microservices Applications. With the DreamFactory iPaaS, you gain access to an “API gateway as a service” that gives you a large library of pre-built integrations for the most useful microservices and platforms that you want your app to connect to. These include pre-built integrations for authentication services, cloud services, caching services, databases, and a great deal more. In fact, most of our job at DreamFactory involves explaining to our clients that, yes, DreamFactory can handle that integration too!
DreamFactory’s low-code and no-code interface makes connecting your app to virtually any service a snap. Just add the service you want to your instance of DreamFactory, and DreamFactory’s automatic REST API generation tool allows your app to connect with that service in minutes – not the weeks it can take to develop a custom API.
With our authentication and authorization capabilities, business logic engine, volume limiters, and other features, developers get a secure, extensible, and performant environment for managing any microservices architecture. Try DreamFactory now. It’s free!
What are Containerized Microservices, ESB vs Microservices: Understanding Key Differences, API Trends: Monolithic vs Microservices, Microservices Examples: How Amazon, Netflix, Uber, and Etsy Broke Their Monoliths and Scaled to Unprecedented Heights with Microservices, What are Micro Apps on iOS?