API Gateway
API Gateway securely exposes your APIs to consumer, third-party developers, and other partners for use on the Internet, mobile, and IoT applications. API Gateway enables API providers to do the following:
Publish your APIs for consumption inside and outside your organization.
Define and enforce policies around aspects of runtime execution, such as user access, required access protocol and keys, data masking, and so on.
Enforce standards and practices as every API moves through its life-cycle.
Protect your APIs from unauthorized and malicious users, while also having full control and visibility into who is accessing your APIs. The built-in approval process workflow lets you manage third-party access requests.
Automatically synchronize events for applications (consumers) that are registered to use APIs in
API Gateway across multiple data centers (including geographically distributed ones) even if they are not clustered.
Define and track API versions. Multiple versions can co-exist, and older versions can be retired over time.
Monetize your APIs by creating API plans and packaged offerings.
View usage statistics and dashboards to make sure your API service level agreements are met, and to understand how your APIs are being accessed and used. You can also build custom analytics dashboards.
Capture design-time events data and use it to notify users and provide analytical dashboards. The data can also be sent to destinations such as
API Portal as well as external solutions like Elasticsearch, relational databases, and files.
Monitor runtime performance and send alerts when performance conditions are violated, optionally based on an SLA.
In an API management system, one API Gateway sits behind an internal firewall, while another API Gateway acts as intermediary between the internal API Gateway and external clients. In this way, API Gateway protects your applications, services, and data from malicious attacks from outside your organization.
API Gateway now provides support for AppMesh, in which API Gateway acts as the controlling and monitoring body. Microgateway acts as the body enforcing policies defined in API Gateway, acting as a sidecar to microservices. Users can now configure connection to Kubernetes clusters where service mesh resides. API Gateway also supports Istio-enabled service meshes as well as plain Kubernetes.