
API Gateway Architecture

High-level API gateway pattern used across enterprise services — authentication, routing, rate-limiting and observability.

Technologies

API Gateway, OAuth2, Kong, Kubernetes, Prometheus

Overview

This document explains the API Gateway pattern used for routing, auth, and observability.

Key decisions

  • Single point for authentication and routing.
  • Rate limiting at the gateway to protect the backend.
  • Observability via request ID injection and Prometheus metrics.
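
A Kong declarative configuration sketching the routing, rate-limiting and observability decisions above. This is an added example, not the configuration behind this design: the upstream addresses, path prefixes, header name and limit are assumptions. No authentication plugin is shown, because the page does not say how the gateway calls the Auth Service.

```yaml
# Added example: hostnames, ports, paths and limits are assumed values.
_format_version: "3.0"

services:
  - name: service-a                      # "Service A" in the diagram
    url: http://service-a.internal:8080  # assumed upstream address
    routes:
      - name: service-a-route
        paths: ["/a"]                    # assumed path prefix
  - name: service-b                      # "Service B" in the diagram
    url: http://service-b.internal:8080  # assumed upstream address
    routes:
      - name: service-b-route
        paths: ["/b"]                    # assumed path prefix

plugins:                                 # top-level plugins apply to every route
  # Request ID injection. A header already sent by the client is passed
  # through unchanged, so treat the value as untrusted when it reaches logs.
  - name: correlation-id
    config:
      header_name: X-Request-ID          # assumed header name
      generator: uuid
      echo_downstream: true              # return the ID to the caller for support cases

  # Rate limiting at the gateway. "local" counters live on each gateway node,
  # so with N HA replicas the effective ceiling is roughly N times the limit.
  # Use a shared policy (cluster or redis) when one global count is required.
  - name: rate-limiting
    config:
      minute: 120                        # assumed limit
      limit_by: consumer                 # falls back to client IP if no consumer is identified
      policy: local

  # Prometheus metrics. Kong serves them at /metrics on the Admin or Status
  # API; keep that listener off the public interface.
  - name: prometheus
```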

Trade-offs

  • Gateway adds a single point of failure — mitigate with HA and sidecar fallback.

Diagram

flowchart LR
  Client --> LB[Load Balancer]
  LB --> APIGW[API Gateway]
  APIGW --> Auth[Auth Service]
  APIGW --> ServiceA[Service A]
  APIGW --> ServiceB[Service B]
  ServiceA --> DBA[(Postgres)]
  ServiceB --> DBB[(Postgres)]