Upgrade to Pro — share decks privately, control downloads, hide ads and more …

API Gateways - Dealing with Distributed Backends

Allan Chua
November 21, 2018

API Gateways - Dealing with Distributed Backends

The presentation aims to showcase how API gateways solves the issues associated with distributed back-ends (Microservices and APIs) from a front-end developer's point of view.

Allan Chua

November 21, 2018
Tweet

More Decks by Allan Chua

Other Decks in Programming

Transcript

  1. Table of Contents I. Abstract II. What are API Gateways?

    III. Benefits IV. Implementations, Tools and Frameworks V. Demo VI. Things to Consider
  2. How a client app communicates with distributed backend APIs. Web

    API Ledger Web API Catalog Web API Authentication
  3. Authentication Issues JWT Token A JWT Token B JWT Token

    C Cookies Against N Servers? Distributed API Challenges
  4. CORS, Domain Name and SSL Cross Origin Sharing is troublesome

    Buy multiple SSL Certificates + Domains? Distributed API Challenges
  5. Tightly Coupled Client and APIs CATALOG LEDGER CUSTOMERS Each team

    working on a bounded context will have a hard time releasing their changes Distributed API Challenges
  6. API Gateway vs Reverse Proxy API Gateway Reverse Proxy Authentication

    Caching Rate Limiting Logging Response Aggregation
  7. I. Sub-Domain Encapsulation II. Single Point of Contact III. Faster

    Cross Continental Communication IV. Centralized Authentication V. Single CORS, Domain Name and SSL VI. Added Layer of Security VII. Centralized Cross Cutting Concerns BENEFITS OF USING AN API GATEWAY
  8. I. Authentication II. Logging III. Monitoring IV. Circuit Breaking V.

    Retries with Jitter VI. SSL Termination VII. Whitelisting VIII. Response Aggregation IX. Rate Limiting CROSS CUTTING CONCERNS
  9. Define Downstream Services Downstream services in the context of API

    gateways are independent backend APIs that you want to aggregate and encapsulate.
  10. Define Public Endpoints Expose Public Endpoints. Public endpoints not exposed

    on the gateway Are considered private which introduces a more secured way of aggregating APIs
  11. Define Pipelines Policies Pipelines are an ordered list of policies

    that are executed for requests received from all linked apiEndpoints.
  12. Azure API Management AWS API Gateway Kong NGINX API Gateway

    Express API Gateway Ocelot API Gateway Spring Cloud Gateway JHipster
  13. Consider Backends for Frontends (BFF) Web API Ledger Web API

    Catalog Web API Authentication API Gateway API Gateway Desktop Gateway Mobile Gateway