_CORE
Services
AI & Agentic Systems Core Information Systems Cloud & Platform Engineering Data Platform & Integration Security & Compliance QA, Testing & Observability IoT, Automation & Robotics Mobile & Digital
Industries
Banking & Finance Insurance Public Administration Defense & Security Healthcare Energy & Utilities Telco & Media Manufacturing Logistics & E-commerce Retail & Loyalty
References Technologies
Lab
Blog Know-how Tools
About Collaboration Careers
CS EN DE
Let's talk

API Gateway Patterns

01. 11. 2023 Updated: 27. 03. 2026 1 min read intermediate
This article was published in 2023. Some information may be outdated.

An API Gateway is the entry point for client requests in a microservices architecture. Instead of the client communicating directly with dozens of services, it communicates with a single gateway that handles routing, authentication, rate limiting, and transformation centrally. This simplifies client code and creates a single place for cross-cutting concerns like logging, monitoring, and security.

What It Does

  • Request routing — directs requests to the correct backend services
  • Authentication (JWT/OAuth) — validates tokens before passing to the backend
  • Rate limiting — protects services from overload
  • Request/Response transformation — payload modification, header enrichment
  • Aggregation — combining responses from multiple services
  • Caching — reducing backend load
  • Logging + monitoring — centralized telemetry

Implementation

  • Kong — open-source, rich plugin ecosystem, declarative configuration
  • AWS API Gateway — managed service, integration with Lambda and AWS ecosystem
  • Traefik — cloud-native, auto-discovery from Docker/K8s labels
  • Nginx — DIY solution with OpenResty for Lua scripting, maximum performance

The choice depends on infrastructure. For Kubernetes, Traefik or Kong Ingress Controller is a natural fit. For AWS serverless, API Gateway + Lambda is the most efficient path.

Patterns

BFF — Backend for Frontend

Each client (web, mobile, IoT) has its own gateway optimized for its needs. A mobile BFF aggregates data into a single call, while a web BFF sends more detailed responses. This eliminates over-fetching and under-fetching on the client side.

Gateway Aggregation

Combines calls to multiple services into a single response. The client sends one request, the gateway calls user-service, order-service, and product-service in parallel and returns a composed response. This reduces roundtrips and client-side latency.

Gateway = Entry Gate

Essential for microservices. Centralizes cross-cutting concerns and simplifies client integration. Without a gateway, every client handles authentication, retry logic, and service discovery independently.

api gatewaymicroservices
Share:

CORE SYSTEMS team

We build core systems and AI agents that keep operations running. 15 years of experience with enterprise IT.

All articles

More know-how

Kong — API Gateway for Microservices

How Kong unified our API management, authentication, rate limiting, and monitoring in one place.

Platform Engineering & Internal Developer Platforms

Why platform engineering is replacing the traditional DevOps approach. How to build an IDP.

Apache Pulsar — Cloud-Native Messaging and Streaming

Apache Pulsar separates compute from storage. Multi-tenancy, tiered storage and Pulsar Functions.

AWS IAM — Identity & Access Management

IAM policies, roles, STS, permission boundaries and least privilege best practices.