Responsibilities
- Caching
- Authentication and Authorization
  - The API gateway can easily handle auth by calling an SSO endpoint
- Rate Limiting
  - Rate limiting can easily be achieved by implementing a leaky bucket algorithm or by using other similar methods
- Failover
- Monitoring
  - Can provide metrics and logs to metric aggregators and log aggregators
- Load Balancing
  - The API gateway can serve as a load balancer, even though that may not be the best way to handle things.
  - Load balancers can instead be put before or after the gateway
- Validation
  - Can be used to validate the requests or responses coming in/out
  - Can be useful to prevent errors from leaking to the outside
  - Can also lead to automatic retries
- Circuit Breaker Pattern
- Service Discovery
- Web Application Firewall
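
A leaky-bucket limiter for the Rate Limiting item above, keyed per client and answering with 429 plus `Retry-After` when the bucket overflows. This is an added example, not code from the original notes; `GatewayRateLimiter`, the `client_id` key and the capacity and leak-rate values are assumptions.

```python
import math
import time


class LeakyBucket:
    """Leaky bucket used as a meter: each request adds 1, the level drains at leak_rate/s."""

    def __init__(self, capacity, leak_rate, now):
        self.capacity = capacity    # largest burst tolerated
        self.leak_rate = leak_rate  # sustained requests per second
        self.level = 0.0
        self.last = now

    def offer(self, now):
        """Return 0.0 if the request fits, else the seconds until it would fit."""
        elapsed = max(0.0, now - self.last)  # ignore a clock that steps backwards
        self.level = max(0.0, self.level - elapsed * self.leak_rate)
        self.last = max(self.last, now)
        overflow = self.level + 1.0 - self.capacity
        if overflow > 0:
            # Rejected requests do not fill the bucket further.
            return overflow / self.leak_rate
        self.level += 1.0
        return 0.0


class GatewayRateLimiter:
    """One bucket per client (hypothetical wrapper, not a real gateway API)."""

    def __init__(self, capacity=5, leak_rate=1.0, clock=time.monotonic):
        self.capacity, self.leak_rate, self.clock = capacity, leak_rate, clock
        self.buckets = {}

    def check(self, client_id):
        """Return (status, headers) to answer with before proxying upstream.

        Assumption: client_id is the identity established by the gateway's
        auth step, not a value the caller can set freely in a header.
        """
        now = self.clock()
        bucket = self.buckets.get(client_id)
        if bucket is None:
            bucket = self.buckets[client_id] = LeakyBucket(self.capacity, self.leak_rate, now)
        wait = bucket.offer(now)
        if wait > 0:
            return 429, {"Retry-After": str(math.ceil(wait))}
        return 200, {}
```

In a long-running gateway the `buckets` table also needs a bound or an idle-entry sweep so that a flood of distinct client keys cannot grow it without limit.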