What is an API Gateway

An API gateway is a server that acts as the single entry point for all client requests to a microservices system. It routes requests to the appropriate backend service, and can handle cross-cutting concerns like authentication, rate limiting, logging, and response transformation.

How it works

Instead of clients calling individual microservices directly, they call the API gateway. The gateway determines which service should handle the request based on the URL path, headers, or other criteria. It forwards the request, receives the response, and returns it to the client.

The gateway can also aggregate responses from multiple services into a single response, reducing the number of round trips for the client.

Why it matters

Without a gateway, clients must know the addresses of every service and handle authentication, retry logic, and protocol differences themselves. The gateway abstracts this complexity behind a single URL.

Common implementations include Kong, AWS API Gateway, nginx (configured as a gateway), and Envoy. Many teams start with a simple reverse proxy and add gateway features as the system grows.

The risk is making the gateway too smart — putting business logic in the gateway creates a bottleneck and a single point of failure. Keep it thin: routing, authentication, rate limiting, and nothing more.