API Gateway

API Gateway is a simple, fast, low-cost, low-risk API hosting service for developers, covering the entire life cycle of API release, management, operation and maintenance, and transaction. Developers can open up their capabilities, services, and data to partners through API. API Gateway will fully protect the export of capabilities and the interconnection of services in the areas of security, routing, traffic control, and monitoring.

Value Proposition

Centralized authorization

Owners of business systems do not need to build an authentication system by themselves, and they only need to pay attention to their own business.

Security isolation

API Gateway provides strict authority management. A business system only needs to be open to the API Gateway on the intranet, and can interact with external services without the internet. There is no security concern.

Traffic baffle

Accurate traffic control helps business systems isolate external data storms to prevent the systems from being swamped.

Save cost

API management. API Gateway fulfills such cumbersome tasks as API document maintenance, SDK maintenance and API version management, greatly reducing your daily maintenance costs.

Highly scalable and highly available

API Gateway adopts distributed deployment that can carry large-scale API access, and is highly scalable; it also ensures low latency, providing highly secure and efficient gateway functions for your back-end services.

Use Cases

Smart Government Cloud ecosystem
API service group release

The government and enterprises can achieve service interconnection of internal departments through API Gateway, export service capabilities, and create new services and applications by integrating different API services to achieve integrated innovation.

The capability to export products and services may comprise a variety of APIs. Without exposing the APIs to the public network, the service provider can complete the release of external services through API Gateway and the cloud market. Other service consumers can call APIs flexibly according to business demands.
Recommend to use with: Smart Face

Success Stories

Smart Face

API Gateway enables Ping An’s Smart Face to be better applied in such scenarios as the mobile business development of Guolian Life, and a good ecosystem of developers and partners is developed through efficient, reliable API management services.

Euler Graph: big data application

API Gateway provides a full set of external service guarantees for Euler Graph, and there is no need to worry about security, operation and maintenance issues in the process of opening up services.

Functionality

Security

Authentication: Generate authorization for identity authentication based on the requested content

Authentication: With authorization management based on connected apps, developers can manage apps and APIs under all permissions of the tenant.

Caching: Cache data returned by API back-end service, and reduce back-end service pressure;; When the system API cache is large, you can use redis cluster to improve system response.

Circuit breaker: If the back-end service has a timeout or abnormality for 50% of calls within N seconds, the system automatically disconnects the service, and tries to restore the link after M seconds. This mechanism can effectively avoid invalidation and so on.

Traffic control

Traffic control: 1) traffic control policy configuration based on time units: day, hour, minute, and second; 2) for the traffic control range, you can set the number of calls in the unit time based on API, set the number of API calls in the unit time based on users, or set the number of calls in the unit time based on app.

Timeout control: configure the time of access timeout through API, avoid worker threads for a long time, and so on.

Routing

Service routing: identify request parameters and path, and forward upstream API services .

Gated launch: A product allows a certain part of applications to use the new version of the API, while other applications continue to use the previous API. When the new version of the API becomes gradually stable, all users can smoothly transition to the new version of the API. Using gated launch, you can get feedback from users early, improve product features and improve product quality. This allows users to participate in product testing, strengthens interaction with users, and reduces the range of users affected by product upgrades.

Monitoring

Call records: a summary record of API calls to facilitate custom auditing and statistics.

Custom component development: component-based architecture that matches the needs of enterprises through component development

Management center: API Gateway has a simple and concise back-office management center. It is convenient for API gateway administrators to manage APIs. The data panel is convenient for learning about the system operation.