How Api Gateway Actually Work

#73: Break Into API Gateway (3 Minutes)

͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­͏     ­

	Forwarded this email? Subscribe here for more You are now 150,001+ subscribers strong. Let’s try to reach 151k subscribers by 5 June. Share this post & I'll send you some rewards for the referrals. How API Gateway Actually Work ⭐ #73: Break Into API Gateway (3 Minutes)   READ IN APP   Get my system design playbook for FREE on newsletter signup: Pledge your support This post outlines how API Gateway works. You will find references at the bottom of this page if you want to go deeper. Share this post & I'll send you some rewards for the referrals. Once upon a time, there lived a software engineering student named Maya. She worked as a freelancer part-time. Although she had many customers, the platform fee was extremely high. So she got paid less. One day, she decided to build a freelancer site with fair pricing. And her tiny site became popular in a short time. So she set up a microservices architecture for scalability. Yet she didn’t know much about architectural design patterns. And set up separate public URLs for each microservice. The client talked directly to different microservices based on the task. This means tight coupling and increased client complexity. Different Clients Receive the Same Payload Also many users accessed her site on their mobile. Yet she sent the same amount of information to the desktop and mobile users. And this worsened the latency and bandwidth usage. So she set up an API Gateway. Imagine the API Gateway as a hotel receptionist who checks a user’s reservation and gives them room keys. It let her move the non-business logic, such as authorization, into a separate service. Onward. Cut Code Review Time & Bugs in Half - Sponsor Code reviews are critical but time-consuming. CodeRabbit acts as your AI co-pilot, giving you instant code review comments and the potential impact of each pull request. Besides, CodeRabbit provides one-click fix suggestions. It also lets you define custom code quality rules using AST Grep patterns and catch subtle issues that traditional static analysis tools might miss. CodeRabbit has reviewed over 10 million PRs; it's installed on 1 million repositories, and 70k+ open-source projects use it. CodeRabbit is free for all open-source repos. Instantly spot: Syntax & functional bugs Logical errors (incorrect conditions, miscalculations) Common pitfalls (off-by-one, infinite loops) Concurrency issues (data races, deadlocks) Security vulnerabilities (SQL injection, XSS, CSRF) Code smells (duplication, lengthy methods) Best practices violations (SOLID, DRY, KISS) Poor unit test coverage Complexity issues (time & space inefficiencies) Weak error handling (especially external calls) Maintainability & readability concerns Writing clean, secure, and performant code is tough. CodeRabbit makes it easy. Get Started Today How API Gateway Works Let’s dive in: 1. Workflow The API Gateway acts as a single entry point for the site. SSL Termination on API Gateway The client sends the request over HTTPS for security. Yet it has to be decrypted, and this takes extra processing power on each server. So the API Gateway does SSL termination. This means decrypting traffic before forwarding it to microservices, thus reducing server load. Routing Requests Using API Gateway Here’s how the API Gateway routes the request: The client sends the request to the API Gateway The API Gateway does rate limiting to prevent server overload It then checks if the client is allowed to make the request The API Gateway validates the request’s header and body against the schema. Also transform the request if necessary It routes the request to the correct microservices. It handles routing based on the request’s URL path, HTTP headers, method, or query parameters The API Gateway then combines the responses from different microservices It responds to the client and caches the response for future requests if needed Also it finds the device type, such as desktop or mobile, from HTTP headers to route the request accordingly. This approach simplifies the client logic and improves latency. Besides the API Gateway prevents overloading of unhealthy servers by pausing repeated failing requests. This technique is called the circuit breaker pattern. Let’s keep going! 2. Tradeoffs Although the API Gateway simplifies client interactions, it introduces a set of problems. Here are some of them: It increases latency as there’s an extra network hop It increases costs and operational complexity because of maintenance efforts It might become a performance bottleneck when there’s high traffic Also it could become a single point of failure if set up incorrectly. So it’s necessary to install more instances of the API Gateway for high availability. Running More Than a Single Instance of API Gateway for High Availability Some popular ways to set up an API Gateway are using Nginx, Kong, or Tyk. A popular variant of the API Gateway is the backend for frontend (BFF) pattern. It means a separate API Gateway for each device type—desktop and mobile. While the API Gateway pattern offers many benefits, it’s important to use it carefully. Otherwise it’ll add more complexity than value. Subscribe to get simplified case studies delivered straight to your inbox: Pledge your support 👋 Follow me on LinkedIn | Threads | Twitter | Instagram Want to advertise in this newsletter? 📰 If your company wants to reach a 150K+ tech audience, advertise with me. Thank you for supporting this newsletter. You are now 150,001+ readers strong, very close to 151k. Let’s try to get 151k readers by 5 June. Consider sharing this post with your friends and get rewards. Y’all are the best. Share TL;DR 🕰️ You can find a summary of the article here. Consider a repost if you find it helpful. References API Gateway Pattern Use API gateways in microservices 10 most common use cases of an API Gateway My experiences with API gateways What does an API gateway do? What Is an API Gateway? Embracing the Differences: Inside the Netflix API Redesign Block diagrams created with Eraser Share this post to help others learn system design & I'll send you some rewards for the referrals.   Like Comment Restack   © 2025 Neo Kim 548 Market Street PMB 72296, San Francisco, CA 94104 Unsubscribe

---