Rest APIprogramming~30 mins

API gateway patterns in Rest API - Mini Project: Build & Apply

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Time

API gateway patterns

📖 Scenario: You are designing an API gateway configuration for an e-commerce platform with three backend services: Users, Products, and Orders. The gateway needs to route requests, aggregate responses for a dashboard endpoint, and apply rate limiting.

🎯 Goal: Design a gateway routing configuration, a response aggregation endpoint, rate limiting rules, and request transformation headers for a multi-service REST API.

📋 What You'll Learn

Define path-based routing rules for three backend services

Design a dashboard aggregation endpoint combining data from all services

Configure rate limiting rules per client tier

Add standard gateway headers for request tracing

💡 Why This Matters

🌍 Real World

API gateways like Kong, AWS API Gateway, and NGINX are used in every microservices architecture to centralize routing, security, and observability.

💼 Career

Backend and DevOps engineers configure API gateways daily to manage service communication, enforce security policies, and optimize client-server interactions.

Progress0 / 4 steps

Define path-based routing rules

Create a JSON routing configuration with a routes array. Each route should have a path pattern, method, and upstream target. Route /api/users/* to http://user-service:3001, /api/products/* to http://product-service:3002, and /api/orders/* to http://order-service:3003. Set strip_prefix to "/api".

Rest API

{
  "gateway": {
    "routes": [
      // Add route objects with path, method, upstream, and strip_prefix
      // Your code here
    ]
  }
}

Need a hint?

Each route maps a URL path pattern to a backend service address. The strip_prefix removes /api before forwarding.

Design dashboard aggregation endpoint

Add an aggregation section to the gateway config. Define an endpoint /api/dashboard with method GET that calls three upstream endpoints: /users/current from user-service mapped to response key "user", /orders/recent from order-service mapped to "recent_orders", and /products/featured from product-service mapped to "featured_products".

Rest API

{
  "gateway": {
    "routes": [
      { "path": "/api/users/*", "method": "ALL", "upstream": "http://user-service:3001", "strip_prefix": "/api" },
      { "path": "/api/products/*", "method": "ALL", "upstream": "http://product-service:3002", "strip_prefix": "/api" },
      { "path": "/api/orders/*", "method": "ALL", "upstream": "http://order-service:3003", "strip_prefix": "/api" }
    ],
    "aggregation": [
      // Add aggregation endpoint that combines data from all three services
      // Your code here
    ]
  }
}

Need a hint?

The aggregation endpoint makes parallel calls to multiple services and combines their responses into a single JSON object using response keys.

Configure rate limiting rules

Add a rate_limiting section with two tiers: "free" with 100 requests per 3600 seconds, and "premium" with 10000 requests per 3600 seconds. Set the identify_by field to "api_key" and exceeded_response to status 429 with message "Rate limit exceeded".

Rest API

// Configure rate limiting with free and premium tiers
// Your code here

Need a hint?

Define tiers with requests-per-window limits and a response to return when limits are exceeded.

Add request transformation headers

Add a request_transform section with a headers object. Add three headers: X-Request-ID set to "$uuid" (auto-generated), X-Forwarded-For set to "$client_ip", and X-Gateway-Version set to "1.0". Also add a remove_headers array that removes "X-Powered-By" from upstream responses.

Rest API

// Add headers for tracing and remove internal headers from responses
// Your code here

Need a hint?

Use variable placeholders like $uuid and $client_ip for dynamic values. Remove internal headers to avoid leaking implementation details.