One front door
An API gateway is a single entry point that sits in front of a set of backend services. Clients talk only to the gateway, which routes each request to the right service. This hides the internal layout and gives you one place to enforce shared concerns.
Cross-cutting work
Instead of every service reimplementing the same plumbing, the gateway centralizes it:
- Authentication and token validation at the edge.
- Rate limiting to protect backends from floods.
- Routing requests to the correct service by path or host.
- Aggregation of several backend calls into one client response.
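
The first three concerns in the list, chained in the order a gateway would apply them, as an added example that is not code from the original page. The HMAC token format, the route table, the backend names and the rate limits are constructed assumptions; aggregation is left out.

```python
import hashlib, hmac, time

SECRET = b"constructed-demo-key"   # assumption: demo-only HMAC key
ROUTES = {"/orders": "orders-svc", "/users": "users-svc"}  # hypothetical backends
RATE, BURST = 1.0, 3               # tokens refilled per second, bucket capacity

def _mac(client_id: str, expires: str) -> str:
    return hmac.new(SECRET, f"{client_id}.{expires}".encode(), hashlib.sha256).hexdigest()

def sign(client_id: str, expires: int) -> str:
    """Issue a token shaped client_id.expires.hex_hmac (constructed format)."""
    return f"{client_id}.{expires}.{_mac(client_id, str(expires))}"

def authenticate(token: str, now: float):
    """Return the client id if the token is authentic and unexpired, else None."""
    parts = token.split(".")
    if len(parts) != 3 or not parts[1].isdecimal():
        return None
    client_id, expires, mac = parts
    # Constant-time comparison so the check does not leak how many bytes matched.
    if not hmac.compare_digest(mac.encode(), _mac(client_id, expires).encode()):
        return None
    return client_id if int(expires) > now else None

class Gateway:
    def __init__(self):
        self.buckets = {}  # client id -> (tokens left, time of last update)

    def allow(self, client_id: str, now: float) -> bool:
        """Token bucket per authenticated client."""
        tokens, last = self.buckets.get(client_id, (BURST, now))
        tokens = min(BURST, tokens + (now - last) * RATE)
        allowed = tokens >= 1
        self.buckets[client_id] = (tokens - 1 if allowed else tokens, now)
        return allowed

    def handle(self, path: str, token: str, now: float = None):
        """Return (status, backend); backend is None when the gateway rejects."""
        now = time.time() if now is None else now
        client_id = authenticate(token or "", now)
        if client_id is None:
            return 401, None   # rejected at the edge, no backend is contacted
        if not self.allow(client_id, now):
            return 429, None
        # Longest prefix wins; match whole path segments so /ordersX is not /orders.
        for prefix in sorted(ROUTES, key=len, reverse=True):
            if path == prefix or path.startswith(prefix + "/"):
                return 200, ROUTES[prefix]
        return 404, None
```

Because authentication runs first, the rate limiter is keyed on a verified client id rather than on a value the caller can choose freely.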
Watch the trade-off
A gateway is powerful but it is also a single point that all traffic flows through, so it must be highly available and fast. Pushing too much logic into it can turn it into a bottleneck and a deployment chokepoint, so keep business logic in the services and reserve the gateway for shared edge concerns.
Key idea
An API gateway centralizes edge concerns like auth and routing so individual services stay focused.