API Gateway vs. Reverse Proxy
Reverse Proxy is frequently used for microservice architecture and cross-cutting concerns; the API Gateway pattern is used. A reverse proxy can act as an API gateway.
APIs are the standard for the disclosure of business or technical capabilities. Many developers and architects won over by the technical simplicity of transmitting JSON messages over HTTP.
The corporate development landscape was besieged by many technologies and sellers marketing better, faster, and more efficient tools.
With top marketing overlapping and promising to do anything AND making coffee in the morning, an architect’s decision to select the proper tool is clouded. This is my endeavor to classify brilliant new API gateways every week.
Any API gateway/platform can be divided into three broad kinds. A reverse proxy, API gateway, and API management platform.
Reverse Proxy
A typical scenario of reverse proxy use is to act as an intermediary between one or more servers in the internal network of companies.
Reserve proxy popular when one or more web servers are displayed using a single public IP address. Either a URL structure with numerous fields, subdomains, or directory hierarchies can be used.
Comes with characteristics like;
1. Security – basic authentication, SSL certification, and several levels of prevention of web attacks (particularly Denial of Service attacks). Modern security protocols are seldom supported with API gateways.
2. Add a cache layer to enhance performance
3. Load balance between several internal servers
API gateway
A microservice intermediate. Implement current traffic control and security procedures.
Popular if an API for one or more microservices to be published fast. The main attraction of a gateway is to set up very quickly and to play around easily. Two popular models are available.
1. Run the gateway and use a command-line tool to construct and publish APIs.
2. Generate API metadata gateway configuration and run it with that configuration.
With some tools, an API definition can be utilized to build the gateway instead of giving metadata manually.
Deployment can be even simplified in cases in which a service mesh is used. A service mesh can be set to inject the API portal as a sidecar at the time of service deployment. No additional labor is needed. This pattern is popular due to its simplicity.
Gateway Benefits over a Reverse Proxy
- A well-defined service security paradigm – OAuth2, JWT (JSON Web Tokens), and mutual TLS (certificate-based auth)
- Rate limiting characteristics
- Well, specified documentation and interface. Open API spec generally provides a proper understanding of an API. Some other specs such as RAML and API Blueprint are available, but Open API spec is widely used. WADL is also available, but extremely limited industry usage (at least from what I saw in the last 10 years)
API gateway vs Reverse Proxy:
Hopefully, these two approaches will be different. The benefit of using API gateways appears to be invoking multiple software systems and aggregating results. All other API gateway functions can be implemented using Reverse Proxy. Like:
- Authentication
- Security of transport. It alone.
- Load balancing
There are multiple questions based on this:
Does it make sense to simultaneously utilize the API gateway and the Reverse Proxy (as a detail like; the name of the API, the port number, the URL, and the backend URL should be included. There will be a gateway. For example request -> API gateway -> reverse proxy(Nginx) -> microservice concrete)? In what conditions?
What other changes can be implemented utilizing the API gateway without a reverse proxy and vice versa?
It helps to recognize they aren’t mutually exclusive. Consider an API gateway as a special form of a reverse proxy.
It is typical to utilize both together, with the API gateway acting as an application tier behind a reverse proxy for load-balancing and health-checking.
In a WAF sandwich architecture, the Web Application Firewall/API Gateway is sandwiched between two reverse proxy tiers, one for the WAF and the microservices it communicates to.
Both have similarities. It’s simply a name. It becomes an API gateway when you add authentication, rate restriction, dynamic configuration updates, and service discovery to a basic reverse proxy setup.
API gateway functions as a reverse proxy to accept all API calls, aggregate the required services, and return the right result.
An API gateway has more functionalities than an API proxy, especially in security and monitoring. The Backend for Frontend (BFF) design is commonly used in Microservices development. Check out the post to learn more about the API Gateway pattern in Microservices.
However, API proxy is a lightweight API gateway. It has minimal security and monitoring features. With an existing API and modest needs, an API proxy will suffice.
