What is App42 API Gateway?

Every application apart from the user interface also has an API interface, whether it exists in a standardized form or in the form of AdHoc services. Even if the application is not talking with other 3rd party systems/apps for internal consumption, the communication between the frontend and the business layer is done through the APIs. Sooner or later developing APIs in an AdHoc manner will give rise to huge technical debt that will be challenging to solve and launching, scaling & managing APIs will quickly become a nightmare.

Today, most of the Apps are not developed in isolation—they interact with internal & external apps or with other 3rd party apps. Protected resources viz. services, data sources, IoT devices, legacy & packaged applications need to be exposed in such a way that new age devices can consume their data/services and integrate with them to realize higher level use cases.

Exposing data & services as APIs to the outside world has potential security risks & technical challenges, such as:

• Need to be able to launch APIs in minutes
• Create APIs through multiple ways – REST Proxy, DataSource, SOAP, Queues, Create APIs from scratch
• Versioning of APIs
• Managing & Monitoring APIs
• Metering API usage (Monetization)
• Applying security on the fly policies e.g. OAuth, API/SECRET Key, Signature & TimeStamp Validation
• Flexible and robust Identity Access Management for each API Client/Partner
• Applying Traffic Policies (IAM Wise) i.e. Burst Limit, Thresholds, Payload size, TTLs etc.
• Protection against possible Denial of Service attacks, DDOS, SQL Injection etc.
• Generating SDKs
• Test harness for testing the APIs on the fly

Use Cases

Some of the reasons & use cases where API Gateway is needed

Deployment models

App42 API Gateway supports all deployment models i.e. Public, Private Cloud, OnPremise & Hybrid setup