API Gateway
Back to System Design
System Design
API Gateway
A boundary service that routes requests, handles authentication, enforces rate limits, and centralizes edge concerns.
🚧 This page is still under construction. More content and notes will be added soon.
Notes
Key Points
- An API gateway gives clients one stable entry point while hiding internal service boundaries behind it.
- It commonly handles TLS termination, authentication, authorization, rate limiting, request validation, and routing.
- Gateways are useful when many clients talk to many backend services, but they can also become a choke point if overloaded or overcomplicated.
- Keep the gateway focused on cross-cutting concerns rather than pushing all business logic into it.
Interview Focus
Bring up an API gateway when you have many services or clients and need one place for auth, routing, and policy enforcement at the edge.