Two related patterns
As services multiply, clients should not call each one directly. A gateway gives them a single front door.
- An API gateway is one entry point that routes, authenticates, rate-limits, and aggregates calls to many services.
- A backend for frontend (BFF) is a gateway tailored to one client type, shaping responses for web or mobile.
How they fit together
A mobile app and a web app each talk to their own BFF, which calls shared downstream services.
Why use them
- The gateway centralizes cross-cutting concerns like auth and rate limiting.
- A BFF avoids overfetching by returning exactly the shape one client needs.
- Clients stay simple because aggregation happens server-side.
Tradeoffs
- A gateway can become a bottleneck, so keep it stateless and scalable.
- Too many BFFs duplicate logic, so share common modules.
- Watch for the gateway turning into a monolith of business logic.
Key idea
An API gateway is a single front door for cross-cutting concerns, and a BFF specializes that door per client to return exactly the right data.
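The sketch below is an added example, not code from the original page: a gateway that does only authentication, rate limiting and routing, in front of two BFFs that shape the same downstream data differently. The token format, signing key, routes, limits and service data are all constructed assumptions, and the in-process counter dict stands in for an external store so the gateway itself can stay stateless.

```python
import hashlib
import hmac

SECRET = b"constructed-demo-key"  # assumption: signing key constructed for this example
RATE_LIMIT = 3                    # assumption: requests allowed per user per window
_hits = {}                        # stand-in for an external counter store (keeps the gateway stateless)

# Constructed downstream services shared by both BFFs.
def user_service(uid):
    return {"id": uid, "name": "Ada", "email": "ada@example.test", "created": "2020-01-01"}

def order_service(uid):
    return [{"id": 1, "total": 30, "items": ["a", "b"]}, {"id": 2, "total": 12, "items": ["c"]}]

def web_bff(uid):
    # Web client gets the full profile and full order detail.
    return {"user": user_service(uid), "orders": order_service(uid)}

def mobile_bff(uid):
    # Mobile client gets only the fields its screen renders (no email, no line items).
    user, orders = user_service(uid), order_service(uid)
    return {"name": user["name"], "order_count": len(orders),
            "spent": sum(o["total"] for o in orders)}

ROUTES = {"/web/home": web_bff, "/mobile/home": mobile_bff}

def sign(uid):
    """Issue a token of the form "uid.mac" (hypothetical format for this example)."""
    return f"{uid}.{hmac.new(SECRET, uid.encode(), hashlib.sha256).hexdigest()}"

def authenticate(token):
    """Return the uid if the token's MAC verifies, else None."""
    uid, _, mac = token.rpartition(".")
    expected = hmac.new(SECRET, uid.encode(), hashlib.sha256).hexdigest()
    ok = hmac.compare_digest(mac.encode(), expected.encode())  # constant-time compare
    return uid if uid and ok else None

def gateway(path, token, window=0):
    """Cross-cutting checks first, then route. No business logic lives here."""
    uid = authenticate(token)
    if uid is None:
        return 401, {"error": "unauthorized"}
    key = (uid, window)  # fixed-window counter keyed by user and time window
    _hits[key] = _hits.get(key, 0) + 1
    if _hits[key] > RATE_LIMIT:
        return 429, {"error": "rate limit exceeded"}
    bff = ROUTES.get(path)
    if bff is None:
        return 404, {"error": "not found"}
    return 200, bff(uid)
```

The BFFs never re-check the token; that only holds if they are reachable solely through the gateway, so network policy has to enforce the single front door.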