API Gateway with Spring Cloud Gateway

4 min readNov 13, 2023

What is an API Gateway ?

Api Gateways are core component in the microservice architecture. It sits at the edge of system between clients(frontend, mobile vs.) and bunch of backend services. It acts as an intermediary between clients and the application’s back-end services to manage the complexities of the microservices architecture, improve scalability, and enhance security.

Key Features

Request Routing: The API Gateway routes incoming API requests to the appropriate microservice or backend service. It acts as a reverse proxy, forwarding requests to the relevant service based on the request URL or other parameters.
Load Balancing: To ensure optimal performance and distribution of traffic, API Gateways often incorporate load balancing techniques. This helps distribute incoming requests evenly across multiple instances of a service.
Security: API Gateways play a crucial role in enhancing the security of an application by enforcing authentication and authorization mechanisms. They can handle tasks such as API key validation, OAuth token validation, and other security-related processes.
Rate Limiting: API Gateways can implement rate limiting to control the number of requests a client can make within a specified time period. This helps prevent abuse, ensures fair usage, and protects backend services from being overwhelmed.
Logging and Monitoring: API Gateways provide centralized logging and monitoring capabilities, allowing administrators to track and analyze API usage, performance, and potential issues. This can be valuable for debugging, optimization, and compliance purposes.
Response Aggregation: In a microservices architecture, a single client request might require data from multiple services. The API Gateway can aggregate the responses from different services into a single response, simplifying the client’s interaction.
Caching: To improve performance, an API Gateway can implement caching mechanisms. It can store frequently requested data and serve it directly to clients without forwarding the request to the backend, reducing latency.

Why do you need API Gateway ?

When the number of backend services are growing, it’s getting harder to manage it for the clients. Because they need to store every service’s URL in order to make request.

Here’s where an API Gateway steps in to streamline and simplify the entire process. By serving as a centralized entry point, an API Gateway eliminates the need for clients to be aware of the every backend services. Clients can make requests to a single, well-defined API Gateway endpoint, which then takes care of routing the requests to the appropriate services behind the scenes. This abstraction shields clients from the complexities of the underlying microservice architecture, providing a more user-friendly and efficient experience.

Spring Cloud Gateway

Spring Cloud Gateway has been defacto API Gateway for Java and Spring Community. It is an open-source, programmable, and extensible API gateway built on top of the Spring Framework. It has been built on Spring WebFlux which is built on the project reactor which makes it a reactive web server with far better throughput than traditional api gateways when exposed to more than 200 concurrent users.

Lets look at the all features with a demo application.

Before deep dive in the gateway, we need an actual service that gateway will forward the requests. I created a mock-product service that runs on localhost:8081 and returning a basic response with Spring Boot.

@RestController
@RequestMapping("/api/v1/product")
public class MockController {

    @GetMapping
    public ResponseEntity<String> getMock() {
        return new ResponseEntity<>("Product1",HttpStatus.OK);
    }
}

Now lets deep dive to the Gateway Application

Prerequisites: Spring Boot, Spring-Cloud and and Spring-Cloud-Starter-Gateway

Routing

Spring Cloud Gateway allows you to configure your routes in two ways. First way is by configuration file (application.yml)

spring:
  cloud:
    gateway:
      routes:
        - id: product-service
          uri: http://localhost:8081
          predicates:
            - Path=/api/v1/product/**

Or you can configure it programmatically:

@Bean
public RouteLocator myRoutes(RouteLocatorBuilder builder) {
    return builder.routes()
                  .route(p -> p
                          .path("/api/v1/product/**")
                          .uri("http://localhost:8081"))
                  .build();
}

Now you can run your gateway application. It will be start on http://localhost:8080 . And if you will make request to the :

curl http://localhost:8080/api/v1/product

You will see the “Product1” result. Gateway successfully proxied the request.

Filters

Cloud Gateway provide built-in filters that can be used for both global or individual routes. For example if you want to filter the routes at global level you can use it like:

spring: 
  cloud: 
    gateway: 
      default-filters:
        - AddRequestHeader=X-Request-red, blue

It will add X-Request-red:blue header to the all request that comes to the gateway.

Predicate

Predicates are used for defining route matching strategies in gateway. The most well-known is Path, which is used to define path matching. We can define our predicates in configuration files like this:

spring:
  cloud:
    gateway:
      routes:
        - id: product-service
          uri: http://localhost:8081
          predicates:
            - Path=/api/**

It will match and route all the requests that coming to the /api/** path.

Conclusion

API Gateways are inevitable solution if you have hundreds of services in microservice architecture. It has a dozen of advantages compared to other solutions. And If you are familiar with Java and Spring environment, you may definitely consider Spring Cloud Gateway. It provides many built-in features like routing, pattern-matching, security etc.