Exploring Distributed API Gateways and BFF with Spring Cloud Gateway

Following to my previous post on the comparison between Distributed API Gateway and BFF, I received many inquiries from friends about the possibility of implementing both distributed API Gateway and BFF features together and having them in a single implementation. I have decided to create another blog post to delve into this topic in greater detail.

In the era of microservices architecture, building and maintaining scalable, performant, and secure APIs is essential. A distributed API Gateway, coupled with a Backend-for-Frontend (BFF) pattern, can empower your microservices-based applications to deliver a seamless and efficient user experience. In this blog, we will explore how to achieve this using Spring Cloud Gateway, a powerful tool in the Spring ecosystem.

Why Spring Cloud Gateway:

Spring Cloud Gateway is a lightweight and extensible API Gateway built on Spring Boot. Leveraging the range of features from Spring Cloud Gateway with BFF pattern implementation could be an excellent choice for managing microservices-based applications. Below are some of those features:

• Security: Incorporate authentication and authorization mechanisms.
• Customized Responses: Craft API responses tailored to each frontend's (Mobile App, Web App, Kiosk, ATM, etc.,) requirements.
• Aggregation: Aggregate data from multiple microservices into a single response.
• Versioning and Deprecation: Manage API versions and deprecation strategies.
• Routing and Filtering: Define routing rules and apply filters for request and response modification.
• Dynamic Configuration: Adapt to changing requirements by updating routing and filtering rules dynamically.
• WebSocket Support: Proxy WebSocket connections for real-time applications.
• Payload Dump: Integrate with pub-sub like Kafka to flush out the payload which helps for operational investigation purposes 

Understanding the Need for Distributed API Gateway + BFF in Container Orchestration Engine.

Let us explore how BFF and Distributed API Gateway take place in a Banking environment from the below diagram.

In a typical Kubernetes environment, microservice applications are deployed into multiple namespaces based on the domain. In the above diagram we can see Retail Banking microservices are deployed into the namespace called RetailBnkNS and Corporate Banking microservices are deployed to the namespace called CorporateBnkNS.

The Spring Cloud GW (BFF and distributed API GW) services are the only services exposed outside the respective namespace. So, the rest of the downstream microservices are secured and protected. All other calls to downstream microservices will route via Spring Cloud GW. 

Since Corporate bank accounting functionality is different from Retail Banking, the FundTransfer service in Corporate Banking is protected and not to be misused by any other domains.

Why not Enterprise API Gateway:

The above Spring Cloud Gateway example is the application environment for a Bank, which serves only the Bank's own customers. Furthermore, each domain has a unique authentication process like different OAuth JWT tokens, etc., just as distinct domain users should have unique authentication and authorization procedures, which is impossible with a centralized enterprise  API Gateway.

Enterprise API Gateway cannot be deployed within Kubernetes namespaces and it serves its own use cases to enable B2B service integration, Open Banking, and so on.

The Take Away:

In the world of microservices, Distributed API Gateways and Backend for Frontend services play critical roles in ensuring the efficiency, security, and maintainability of your applications. Spring Cloud Gateway, with its rich feature set and seamless integration into the Spring ecosystem, provides a powerful platform for implementing these architectural patterns.

By leveraging Spring Cloud Gateway for your API gateway needs and incorporating Backend for Frontend services into your architecture, you can create a flexible, scalable, and secure microservices ecosystem that meets the specific requirements of your clients. This combination unlocks the full potential of microservices while simplifying development and ensuring a stellar user experience.

So, if you're embarking on a journey into the world of microservices and distributed systems, consider Spring Cloud Gateway as your trusted companion for building robust API gateways and Backend for Frontend services that will help your applications thrive in the modern cloud-native landscape.