Architecture

An API gateway is a server that acts as the single entry point for all client requests in a distributed system, routing them to appropriate backend services while handling cross-cutting concerns like authentication, rate limiting, SSL termination, and request logging.

In a microservices architecture, having clients directly call dozens of individual services creates tight coupling and forces each service to implement its own authentication, rate limiting, and monitoring — duplicating logic across every service. An API gateway consolidates these concerns at the edge: clients authenticate once with the gateway, which validates tokens and forwards only authorised requests, applies rate limits to prevent abuse, and routes requests to the correct downstream service based on URL paths or request attributes. API gateways also enable protocol translation (e.g., exposing a REST interface to clients while fanning out to internal gRPC services), request/response transformation, circuit breaking to handle downstream failures gracefully, and A/B routing for canary deployments. AWS API Gateway, Kong, Nginx, Traefik, and Azure API Management are widely used implementations in production systems.

Example

A retail platform's API gateway receives all mobile app requests, validates JWT tokens, enforces a 1,000-requests-per-minute limit per API key, and routes /products calls to the product service and /orders calls to the order service — all transparently to the mobile client.
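
The request path in this example, written out as a small Python sketch. It is an added illustration, not code from any of the gateway products named above. Assumptions: tokens are HS256-signed with a shared secret, the limit uses a fixed one-minute window held in memory, and the names `SECRET`, `ROUTES`, `make_token`, `valid_jwt` and `handle` are made up for this sketch.

```python
import base64, hashlib, hmac, json, time
from collections import defaultdict

SECRET = b"constructed-demo-secret"   # assumption: shared HS256 key, sample value
ROUTES = {"/products": "product-service", "/orders": "order-service"}
LIMIT, WINDOW = 1000, 60              # 1,000 requests per minute per API key
hits = defaultdict(int)               # (api_key, window index) -> request count

def b64d(s):
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def b64e(b):
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()

def make_token(claims):
    """Build a constructed sample token for exercising the gateway."""
    head = b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64e(json.dumps(claims).encode())
    sig = hmac.new(SECRET, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{b64e(sig)}"

def valid_jwt(token, now):
    try:
        head, body, sig = token.split(".")
        if json.loads(b64d(head)).get("alg") != "HS256":   # pin the algorithm
            return False
        want = hmac.new(SECRET, f"{head}.{body}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(want, b64d(sig)):       # constant-time compare
            return False
        return json.loads(b64d(body)).get("exp", 0) > now  # reject expired tokens
    except (ValueError, AttributeError, TypeError):
        return False                                       # malformed token

def handle(path, api_key, token, now=None):
    """Return (status, upstream): authenticate, then rate-limit, then route."""
    now = time.time() if now is None else now
    if not valid_jwt(token, now):
        return 401, None
    bucket = (api_key, int(now // WINDOW))
    hits[bucket] += 1
    if hits[bucket] > LIMIT:
        return 429, None
    for prefix, upstream in ROUTES.items():
        if path == prefix or path.startswith(prefix + "/"):  # match whole segments
            return 200, upstream
    return 404, None
```

Matching on whole path segments keeps a path such as `/productsX` from being forwarded to the product service, and unknown paths get a 404 at the edge instead of reaching any backend.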
