API Gateway for Microservice E‑Commerce
Key Points
- An API (Application Programming Interface) acts as a software intermediary that lets different applications communicate, such as when you browse Instagram or check travel prices.
- Modern organizations are breaking down large monolithic apps into loosely‑coupled microservices, which increases the volume of API calls and creates new challenges for security, scalability, and performance.
- An API gateway addresses these challenges by centrally managing, securing, and accelerating API traffic, improving both the end‑user experience and developer productivity.
- In the example of a fictitious e‑commerce store (Indies Custom Threads), the gateway handles requests from web browsers, mobile apps, and third‑party integrations, routing them to specialized microservices like product info, pricing, and order management.
- The presenter also offers a giveaway—readers who answer a final API‑gateway question in the comments can win a branded “API Gateway” T‑shirt.
Full Transcript
# API Gateway for Microservice E‑Commerce **Source:** [https://www.youtube.com/watch?v=hWRRdICvMNs](https://www.youtube.com/watch?v=hWRRdICvMNs) **Duration:** 00:10:20 ## Summary - An API (Application Programming Interface) acts as a software intermediary that lets different applications communicate, such as when you browse Instagram or check travel prices. - Modern organizations are breaking down large monolithic apps into loosely‑coupled microservices, which increases the volume of API calls and creates new challenges for security, scalability, and performance. - An API gateway addresses these challenges by centrally managing, securing, and accelerating API traffic, improving both the end‑user experience and developer productivity. - In the example of a fictitious e‑commerce store (Indies Custom Threads), the gateway handles requests from web browsers, mobile apps, and third‑party integrations, routing them to specialized microservices like product info, pricing, and order management. - The presenter also offers a giveaway—readers who answer a final API‑gateway question in the comments can win a branded “API Gateway” T‑shirt. ## Sections - [00:00:00](https://www.youtube.com/watch?v=hWRRdICvMNs&t=0s) **API Gateway Benefits for E‑Commerce** - The passage defines APIs, highlights the surge in API traffic caused by microservice architectures, and explains how an API gateway securely manages this traffic while enhancing both user and developer experiences in an online store. ## Full Transcript
api is an acronym for application
programming interface which is a
software intermediary that allows two
applications to talk to each other
so every time you use an app like
instagram
you send us a message or check travel
prices for your next vacation you're
using an api
apis can make or break applications and
have to require additional
infrastructure to secure
scale and accelerate
and this is the case now more than ever
as organizations are modernizing their
large legacy monolithic applications
into smaller individual microservices
these microservices are loosely coupled
in order to make your apps more scalable
highly available and resource efficient
just to name a few
however the outcome of using a
microservice oriented architecture comes
with many more api calls going between
your clients and your microservices
so how do you securely manage this
influx of api traffic for distributed
system
well with an api gateway
hell i even purchased this nifty
schmedium t-shirt with an api gateway
and the first lucky viewer who answers
my api gateway question towards the end
of this video in the comments section
won their own version of this t-shirt so
now let's take a deeper look into how an
api gateway can both improve the user
and developer experience for an online
store so let's start off an example here
let's say we have a fictitious
e-commerce storefront
indies custom threads and in this store
you can order customized t-shirts kind
of like my nifty api gateway t-shirt
here
so let's walk through the scenario right
we'd have our users here
and then they would make the purchase
and look at the t-shirts on the website
through these different clients right so
you have your web application here which
would be a standard web browser
we'd have our mobile client as well it
could be ios it could be android
and then we also have a third-party api
integration service right so this could
be if you want to integrate your website
with like say something like facebook
or in our case we have a review
api that's integrated through a third
party so
say you see someone makes a comment
about the t-shirt and they're like
man the t-shirt fit comfortable but the
50 polyester really gave me a bad skin
rash
that would all be possible through this
third-party integrated service
so now that we've established our users
and our clients
now let's take a look at the actual
product detail ui right so there's a lot
of different functionality a lot of
different tasks that we've broken down
into these micro services here
and this originally would be a
monolithic application like we
previously talked about but we've we've
broken it apart and segmented it into
different services so
as you can see the first one here is the
product info service this would be stuff
like you know look at the t-shirt what
kind of color is a t-shirt is it black
red the size of the t-shirt large medium
and so on
and then we have our pricing service we
have our order service if you want to
look at purchase history you got the
inventory service and the review service
and so on and this is just a handful of
different microservices here we could
have many more so that's just a very
quick rudimentary overview of direct
client to microservice communication
architecture
so let's take a look at what an api
gateway architecture might look like
let's get rid of these
okay so api gateway the topic of the
hour so your api gateway would reside
right here in the middle between your
clients
and your microservices
and there are numerous benefits with
implementing an api gateway solution i'm
just going to go over just a couple main
ones right now
so the first main benefit is client
performance
i'm just going to put
perf or short
so in our last example we had our
clients making a bunch of api requests
to each individual
microservice so in this instance with
our api gateway which would essentially
be like a reverse proxy or you could
even consider it like a api traffic
controller you would take those requests
and then route them to the appropriate
microservice
so this has
numerous benefits right because now
instead of having all those individual
requests go into each microservice now
you can filter it through your api
gateway
and this reduces latency so now
your product detail ui page will run
much more efficient much faster
and it's a better client experience
because you don't have as many round
trips right because our last example say
you had a request come in it went to the
product info service but you're pricing
microservices speak with the product one
so you would have to go back to the
client back to pricing and so on so
this reduces those round trips here
and on top of just being a better you
know client performance
it also helps the development team as
well because
they don't have to manage and maintain
all those individual api requests now
they can do this all through the api
gateway
so the next main benefit is security
so by having this api gateway right here
we essentially have a security barrier
in front of our front-end clients right
our front-end api
endpoints
because otherwise
we had everything wide open right and
you're not susceptible to like a dos
denial of service attack or any other
malicious attack with this api gateway
and you could add other services within
this api gateway like authentication
authorization
to add another layer of security
and this leads me to my next benefit
which is protocol
translation
so if you recall
we had to have the same internet
friendly protocol
going from our clients to the
microservice in order for it to function
and operate
here we could say we have https
that's again a secure credential
but we can change the protocol here we
could just go http
for each
api request that's routed and
by removing the s and that secure
credential where you don't have to
authenticate this is ssl termination
where the ssl stands for secure socket
layer and this is a process where you
decrypt and offload the encrypted ssl
data within the api gateway instead of
going to our backend microservices so by
doing this this greatly helps
performance of our e-commerce storefront
as you can see
although i don't know why we don't have
any more spendiums you don't even have
to have you know internet friendly you
can even have server-side protocols like
amqp so you have a larger reach right
you have more usability with your
e-commerce storefront because you could
have other protocols
the last
quick
benefit i want to mention is common
functionality defunct offload
so we're off floating
these common functionalities for every
market service that we had to have in
order for it to operate right so now we
can take some of that business logic and
put in this api gateway
you can just have your microservices
running a little bit more efficiently
and smoother because we're just focusing
on their tasks that they really need to
focus on they don't need all that other
business logic so you could have stuff
like rate limiting
you could have tin requests for every 60
seconds if you want to put a cap on that
to help with demand
you could also have stuff like api
monitoring and logging if you want to
keep it on the api health and how
everything's working
operational wise and there's just so
much more
and that's just a few there's a lot more
standard features typically with an api
gateway solution
so this is great and all but what if we
get an instance where say you get a huge
spike in traffic and
indy's custom thread is preparing for
black friday oh my god we're going to
get so much traffic what are we going to
do you got users here you've got users
here
well
we could install and implement a bff
architecture
and no i'm not saying best friend
forever although i will be your best
friend if you like this video
i'm talking about back in
to front and
and essentially what this is is you're
adding additional api gateways so for
this one for instance this would be our
dedicated
web api gateway
so here
we could have one for our mobile devices
right you could have another api gateway
and this would just be dedicated to your
you know native
os and android devices
and it would take all that api traffic
coming for those devices and routing
them to the right microservices
and this is
you know you could have this for the
third party integration
service as well and there's other
clients as well you can have here you
could have like iot devices with sensors
right um so
this is a great benefit if you're going
to have a huge demand and spike with
traffic or say you're just adding a lot
more functionality and features to your
your e-commerce storefront so this would
be a great architecture to consider to
expand and scale up
so this is just a very quick overview of
api gateway i hope you found it helpful
oh and before i forget i didn't forget
the t-shirt if you want to get it my
question to you is
what is ssl termination
drop an answer in the comment section
and then we'll make sure to ship you the
t-shirt and we'll get your details
through there so thank you so much for
watching again i hope this high level
overview has been helpful thank you
if you have questions please drop us a
line below if you want to see more
videos like this in the future please
like and subscribe and don't forget you
can grow your skills and earn a badge
with ibm cloud labs which are free
browser-based interactive kubernetes
labs