API gateway is more than just routing. It can aggregate responses, transform payloads, handle auth, and even run custom edge logic. Modern gateways rival full apps.
Backend For Frontend (BFF)
Different gateways per client type. Mobile gets slimmed responses. Web gets richer. Partner gets stricter contracts.
Backend For Frontend (BFF)
Different gateways per client type. Mobile gets slimmed responses. Web gets richer. Partner gets stricter contracts.
Response aggregation
Client makes one call. Gateway calls N services in parallel. Composes response. Saves round-trips.
Auth at edge
Validate JWT once. Pass identity as header to services. Services don't re-parse tokens.
Rate limit + quota
Per-user, per-API-key, per-endpoint. Enforce here. Cheaper than checking in every service.
Edge scripting
Cloudflare Workers, Envoy WASM. Custom logic at gateway: A/B testing, header manipulation, geo routing.