API Gateway

Maximize scalability and reliability by offloading API governance to the edge

An API gateway provides a unified entry point for all API consumers and governs traffic. However, API gateways are difficult to scale, and are often restricted to a region or data center.

Akamai API Gateway pushes API governance to the edge — the server right next to your API consumer. Every globally distributed edge server acts as an API gateway to maximize the scalability and reliability of your API authentication, authorization, and quota management policies.

Six Flags Case Study

Customer Story

Learn how offloading APIs helped Six Flags deliver great app experiences

Akamai API Gateway Authenticate and Scale Video
???Watch the Video???

Elastic scaling of API gateways is not instantaneous, often taking minutes to spin up resources. If you do not autoscale, handling traffic spikes from poorly-written API clients or peak traffic periods requires advance planning to ensure servers are available and warmed. In addition, local and global consumers are often served by a single gateway that may be geographically distant, adding undue latency to API responses

How is Akamai API Gateway Different?

API Gateway Reference Architecture Image

API Gateway scales your API governance by leveraging the Akamai Intelligent Edge Platform. This allows you to handle traffic spikes without the need to manually or elastically scale your resources. The platform’s global deployment performs gateway functionality closer to your consumers and provides a gateway that is always available. It removes inconsistencies in deploying APIs and empowers you to expose APIs to the outside world with standard governance rules across the organization.

Handle planned and unplanned traffic spikes

  • Seamlessly scale as your API traffic grows
  • Eliminate the need to autoscale resources
  • No need to plan in advance to allocate or “warm” servers

Decrease time to market

  • Administrative APIs to integrate with your deployment practices
  • Onboard APIs quickly and easily using API definition files
  • Quickly expand into new geographies

Reduce infrastructure costs

  • Eliminate the man-hours spent managing gateway servers and the synchronization between them
  • Increase API reliability without maintaining multiple instances of your gateway
  • Govern APIs without the high deployment and operational costs of a full API management platform
  • Eliminate the need to replicate gateways in multiple data centers or regions

Simplify architecture with a single platform

  • Govern, secure, and deliver APIs on a single platform
  • Eliminate inconsistencies across APIs and get a single view of all API consumers
  • Integration with network and application-layer security solutions to protect from vulnerabilities and attacks

Increase offload and performance

  • Cache GraphQL query responses to increase offload
  • Define RESTful API caching rules down to the resource level for increased offload
  • Serve pre-flight CORS requests from the edge to improve performance

Control consumer access

  • API key-based authentication
  • JWT validation for authorization
  • Secure API traffic with OAuth 2.0
  • Enforce business SLAs with global quota limits

Platform integration

  • Define your API once to use it with Kona Site Defender, Bot Manager, and API Gateway
  • Transport-level security (TLS offload)
  • Network-level security (IP white/blacklist)
  • Intelligent routing around congestion points
  • HTTP/2 protocol enhancements

Improve developer productivity

  • Rich set of administrative APIs to automate gateway operations
  • Use API definitions (Swagger, RAML, OpenAPI 3) already created to onboard an API to Akamai
  • Command-line interface to make basic management and configuration operations simple
  • Download raw log data for ingestion into Elasticsearch or Splunk
  • Real-time reporting dashboard to quickly discover and mitigate operational errors