The Foundations of the API Gateway

API Gateway misconceptions

An API Gateway is not an API Management tool, it is by inception an API traffic management component that natively does not manage APIs as these should be completely decoupled from the Gateway and are not directly manageable in that sense.

Who needs an API Gateway

Companies that have a large number of API endpoints and user bases will benefit from all the features of an API Gateway. In this context, due to their sheer scale it’s common for stakeholders to lose track of what endpoints are available to consume, an API Gateway is able to provide a common denominator across all available APIs and is able to apply in a unified way policy driven security features that apply equality to all APIs, irrespective of their protocols and structure.

API Gateway in the enterprise world

In the Enterprise space one of the main differences is in the constraints that these companies typically operate in, particularly those operating on premises infrastructure or Hybrid cloud.

Native features of the API Gateway

IP Whitelisting

Extending beyond the API Gateway


Service discovery becomes an important feature, especially in larger organizations operating under architectures where there are frequent changes to services exposed through API and when reliance exclusively on communication between people inside the organization is no longer possible from a scale perspective.


An API Gateway is a strategic technical component in modern architecture, the decision to implement it needs to be driven by a use case, it should not be put in place by default.



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Pedro Sttau

Pedro Sttau

Technologist, Engineering enthusiast. I pretend that I write about technology when in reality I just get lost in process of creating things.