Skip to content

API Gateway Template — organizational overview

The API Gateway template provides the front door for HTTP APIs: routing traffic to internal services, enforcing perimeter security (tokens, throttling), and supporting channel-specific APIs (BFF) without duplicating domain logic in every microservice.

Why use this template

  • Controlled entry: one perimeter for rate limits, CORS, authentication, and coarse routing before traffic hits domain teams.
  • Simpler clients: mobile, web, and partners integrate with a stable external surface while internal services evolve.
  • Operational visibility: northbound logging, tracing, and gateway-level metrics make incidents easier to triage.
  • Consistent security posture across products instead of every team inventing edge policies differently.

Typical use cases

  • Public or partner APIs that must expose a small, versioned surface while many microservices implement capabilities behind it.
  • Multi-channel products (web, mobile, IoT) where a BFF-style edge reduces chatty calls and shields clients from internal churn.
  • Gradual modernization: route legacy and new services from one edge during migrations without client rewrites at every step.

Capabilities (what you get)

  • JWT-centric perimeter patterns aligned with ConnectSoft’s Authorization Server and resource APIs.
  • Routing and policy model suitable for YARP-style reverse proxy scenarios with ConnectSoft conventions.
  • Template-grade observability and health inherited from Base Template, so gateway deployments match sibling services in ops playbooks.
  • Configuration-first evolution of routes and policies where the business wants change without full redeploys (details in the technical docs).

Identity platform alignment

Within the ConnectSoft identity platform, this template owns the public API perimeter: route authentication, coarse authorization, CORS, throttling, correlation, and trusted context propagation to backend APIs. It validates tokens issued by the Authorization Server but does not issue tokens, manage users, or replace resource-level authorization in backend services.

Technical documentation (single hub)

Routing, scaffolding, solution layout, architecture, parameters, configuration, authentication, resilience, testing, development guidance, detailed use cases, and runbooks live only in ConnectSoft.Documentation under this template.

API Gateway — technical hub (ConnectSoft.Documentation)

Identity Platform Security Model (ConnectSoft.Documentation)