Most modern application architectures involve heavy dependencies on APIs. APIs have been around for years. Their importance can’t be overstated in modern web application development. APIs have helped us to build applications that span multiple platforms while segregating frontend and backend code, moving away from older paradigms usually seen in dated, 2-tier architectures. By doing so, APIs have enabled the rapid development of some of the world’s most successful applications and companies.
Frameworks and methodologies to build APIs are abundant and, with each new addition to the arsenal of API build tools, life gets easier for the developers who create APIs. API initiatives are becoming one of the main disciplines for companies both large and small. With that, API portfolios are growing at an exponential rate.
With so many APIs being built, we need to think about the role that good API management tools can play in this journey. Here at Tyk, we are absolutely obsessed with this subject! We’re passionate about showing everyone the benefits that our product brings to those looking to enhance their API development, security, and support efforts. Below, we will outline some of the most talked-about benefits of API management platforms, and some new and exciting additions to Tyk’s offerings.
Architecture options: where does API management fit in?
Most API management platforms are simply a reverse-proxy with a bunch of added features to assist in API development, monitoring, monetizing, security, and more. Gateways and their associated infrastructure will sit in front of your API layer to handle all incoming and outgoing traffic. Once a call is made from your consuming application to an API residing in the gateway, traffic is then routed through the gateway and reverse-proxied to your upstream APIs.
There are a few ways that you can architect your solution to suit your needs: self-managed (gateway is on your infrastructure and configuration is managed by you), SaaS (gateway provider manages the infrastructure and the bulk of configuration), or a hybrid approach which mixes elements of self-managed and SaaS solutions.
At Tyk we support all three of the above deployment models. The specifics of each are:
- Self-managed
- This enables you to deploy Tyk on your own private infrastructure, whether on-prem (private cloud or bare metal) or via your preferred public cloud provider (AWS, GCP, Azure, etc). The self-managed route gives you full control over how you can configure, customise, and manage your solution.
- Tyk Cloud (SaaS)
- With this option, Tyk takes care of all infrastructure needs and under-the-hood configuration. This means you are up and running in a matter of minutes, without the worries about hosting a solution or figuring out how to configure Tyk to get started.
- Hybrid SaaS
- Hybrid is the ‘best of both worlds’ approach, if you don’t need data to live on your servers. With Hybrid, you manage only the gateway nodes, and connect them to our SaaS Control Plane. This gives you full control over how the worker gateways run, while completely removing the need to worry about backups, migrations, and other maintenance woes. The gateway is ephemeral. Essentially, you control your gateways and connect them to our Tyk SaaS where the other components are, including the dashboard and developer portal.
The array of available options means you can tailor the perfect solution based on the needs of your specific architecture and organisation.
What about the latency added from the gateway?
One enormous concern about using a gateway is the potential latency that routing requests and responses through another piece of infrastructure adds. Although some latency will be added by introducing a gateway into your API infrastructure, certain solutions allow for a very minimal amount.
Tyk is extremely lightweight. Its thorough engineering means it is considered one of the most performant API gateways available with one of the most feature-intensive offerings out there. With Tyk, the impact of the gateway on latency is minimal.
Our Solution Architect, Sedky Abou-Shamalah, recently wrote a great post which demonstrates the small amount of latency added by adding Tyk into your API architecture. It shows how the Tyk gateway, even under extreme load, can function with an unnoticeable degree of latency while using standard AWS server configurations. With proper tuning, the correct sizing of infrastructure, and the right configuration of Tyk, latency worries are unwarranted. For most use cases, added latency is negligible.
Features and benefits of API management platforms
API management platforms offer a wide range of features which help with almost every aspect of the API journey from development through to production, monitoring, and support.
Listed below are a few areas of importance where API management platforms can help augment your API offering:
Development speed increase and reusability
Using a gateway to interface with your API allows developers to focus on their services without all the nuances of security, rate limiting, quotas, transformations, and other concerns. This specialization allows for rapid development of functional code without all the concerns mentioned above.
With the Tyk Dashboard, anyone within your overall development or project teams can configure endpoints and access. This allows developers to use their time wisely, focusing on creating the most robust services as quickly as possible without the need to worry about all the endpoint configuration details and hassles that arise from waiting for other teams and departments.
Setting up authentication and authorisation for APIs
You can configure all authentication and authorisation for your endpoints and services within the gateway, instead of leaving this up to each individual service to implement. This moves authentication and authorisation logic out of the services your gateway is calling and into one easy-to-manage place. Tyk supports many types of endpoint security, including basic authentication, OAuth 2.0, JWTs, Open (Keyless), OpenID Connect, Mutual TLS, and many other popular options.
With the Tyk dashboard and the available Dashboard API for those who want to automate, configuration of security is easy. You can secure your endpoint in minutes with whatever security configuration you require.
Find out more about how Tyk handles authentication and authorisation.
There are many scenarios within the enterprise space where simple functionality turns into a large-scale project, adding time and cost to your endeavour.
With virtual endpoints, you can create inline functions within the gateway itself without the need to point to an upstream API to execute the logic. This means instant access to your virtual endpoint without the need for a separate service and corresponding infrastructure, allowing for serverless-like functionality right from the gateway itself.
Find out more about how to create and use virtual endpoints in Tyk.
Mocking with integration in mind
You can use the Mock Responses built in the gateway to mock out future, undeveloped endpoints so that consumers of the endpoint can integrate with the gateway and use the mock. Once the service is finally created, you can remove the mock and point to your actual upstream endpoint. Your already-integrated consumers can now use it! This cuts out the need for local mocking for development. It also means that you can handle integration early on, even before the endpoint is implemented and live. With Tyk, we offer a Mock Response plugin that expedites getting this functionality up and running.
Find out more specifics on mocking within Tyk.
Applying rate limits and quotas
Sometimes you need to control how often a consumer of an API can call that API. You can use Tyk’s rate limiting feature to do this. It controls the transactions per second limit, as well as quotas for the number of API calls allowed within a specific time period. Both of these functionalities are built into the API management tool. With all of your APIs being created within Tyk, you can easily apply rate limiting and quotas for each API.
Find out more about applying rate limiting and quotas with Tyk.
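To make the difference between a rate limit and a quota concrete, here is an added example (not Tyk's code or configuration) of a per-key limiter that enforces both with fixed windows. The type, field and result names are hypothetical, and the clock values are constructed.

```go
package main

import (
	"fmt"
	"time"
)

// Policy (hypothetical names): Rate calls per Per, QuotaMax calls per QuotaPeriod.
type Policy struct {
	Rate, QuotaMax   int
	Per, QuotaPeriod time.Duration
}

type keyState struct {
	winStart, quotaStart time.Time
	winCount, quotaUsed  int
}

// Limiter tracks fixed windows per API key; not safe for concurrent use.
type Limiter struct{ policy Policy; keys map[string]*keyState }
func NewLimiter(p Policy) *Limiter { return &Limiter{policy: p, keys: map[string]*keyState{}} }

// Allow decides one call made with key at time now.
func (l *Limiter) Allow(key string, now time.Time) string {
	s := l.keys[key]
	if s == nil {
		s = &keyState{winStart: now, quotaStart: now}
		l.keys[key] = s
	}
	if now.Sub(s.quotaStart) >= l.policy.QuotaPeriod { // quota period renews
		s.quotaStart, s.quotaUsed = now, 0
	}
	if now.Sub(s.winStart) >= l.policy.Per { // rate window rolls over
		s.winStart, s.winCount = now, 0
	}
	if s.quotaUsed >= l.policy.QuotaMax {
		return "quota-exhausted" // blocked until the quota period renews
	}
	if s.winCount >= l.policy.Rate {
		return "rate-limited" // clears when the short window rolls over
	}
	s.winCount++
	s.quotaUsed++
	return "allow"
}

func main() {
	l, t0 := NewLimiter(Policy{Rate: 2, QuotaMax: 5, Per: time.Second, QuotaPeriod: time.Hour}), time.Unix(0, 0)
	fmt.Println(l.Allow("key-a", t0), l.Allow("key-a", t0), l.Allow("key-a", t0)) // constructed clock
}
```

A caller that stays under the per-second rate still hits "quota-exhausted" once its allowance for the longer period is used up, which is why the two controls are configured separately.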
Using body transformations to manipulate incoming and outgoing traffic
A powerful feature of using an API management platform is the ability to transform requests and responses through the use of custom transformation templates. This is especially useful when you have an upstream system that uses an older technology, like SOAP and XML, and want to add a RESTful JSON interface to it without changing the upstream system. In Tyk, you can use Go templating to manipulate a payload and then test it in the dashboard using our Body Transformation plugin.
Normally, a lot of time, coding, and testing goes into building a new interface for an existing system. With Tyk’s helpful plugins, it can be ready for production use in minutes.
Find out more about how Tyk handles traffic transformations.
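The following added example (standard-library Go, not Tyk's Body Transformation plugin) shows the shape of such a transformation: a SOAP-style XML body is parsed and re-emitted as JSON through a Go template. The sample payload, the `user` struct and the `json` template helper are assumptions made for illustration; the helper encodes each value so that quotes in upstream data cannot break the JSON structure.

```go
package main

import (
	"bytes"
	"encoding/json"
	"encoding/xml"
	"fmt"
	"text/template"
)

// Constructed SOAP-style response from a hypothetical legacy upstream.
const soapBody = `<Envelope><Body><GetUserResponse>
<Id>42</Id><Name>Ada "Countess" Lovelace</Name>
</GetUserResponse></Body></Envelope>`

// user holds the fields exposed on the JSON side.
type user struct {
	ID   int    `xml:"Body>GetUserResponse>Id"`
	Name string `xml:"Body>GetUserResponse>Name"`
}

// The "json" helper (an assumption of this sketch) encodes every value, so
// quotes or backslashes in upstream data cannot break the JSON structure.
var jsonTmpl = template.Must(template.New("out").Funcs(template.FuncMap{
	"json": func(v interface{}) (string, error) {
		b, err := json.Marshal(v)
		return string(b), err
	},
}).Parse(`{"id": {{json .ID}}, "name": {{json .Name}}}`))

// Transform converts the XML body to JSON and rejects malformed output.
func Transform(soap string) (string, error) {
	var u user
	if err := xml.Unmarshal([]byte(soap), &u); err != nil {
		return "", err
	}
	var out bytes.Buffer
	if err := jsonTmpl.Execute(&out, u); err != nil {
		return "", err
	}
	if !json.Valid(out.Bytes()) {
		return "", fmt.Errorf("template produced invalid JSON")
	}
	return out.String(), nil
}

func main() {
	fmt.Println(Transform(soapBody))
}
```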
Without API management, versioning can be complex to handle and manage. With an API management platform like Tyk, however, you can easily tackle API versioning. You can configure everything quickly, including managing route and middleware configurations between different versions of your API.
Once you have created API versions, you can easily switch between them by using:
- an x-api-version header with the value that corresponds to the version of the API you want to call
- the version as the first URL element (eg. /v2/myapi/endpoint)
- a URL or form parameter (eg. /myapi/endpoint?version=1)
Using the API versioning features built into the API management platform means there is no need to bake it into your upstream APIs. They also allow for monitoring of use between versions (using monitoring tools built into the platform), and the easy management of all API versions in one place.
Find out more about versioning your APIs with Tyk.
Analytics and reporting
Many of your upstream APIs will probably have their own logging, potentially dispersed across the multiple servers where they are running. This makes it difficult to track traffic to each individual service and endpoint in a unified view without using tools to individually access each service’s logs and amalgamate them into a centralized place.
A platform such as Tyk can help to bridge all of your logging needs for API traffic. You can divide it up by API, time, caller, and many other configurations. A customisable analytics platform like Tyk allows you to drill down and get precisely the information you need. Meanwhile, the Tyk dashboard presents the data in an easy-to-use and digestible way. All API traffic info and errors are in one place, by default.
Find out more about how Tyk handles analytics and reporting.
Self-service options for API consumers
With a developer portal, a developer can manage their own subscriptions to APIs, including issuing their own access tokens. Normally, a subscription to an upstream API without a gateway in front of it would mean that the owner of the API would need to create and issue these tokens, and keep track of each generated token.
With Tyk, you can configure all of this, expose your APIs to developers through the portal, and keep track of it within the dashboard. Developers can then log into the portal and self-serve using your published APIs.
Find out more about the Tyk Developer Portal.
Extensible plugins and middleware
Many API management platforms are extensible in various ways through customization of plugins and middleware. This allows the users of the platform to shape the platform to meet their specific needs if needed.
As part of Tyk’s core engineering principles, we have built in the ability to extend existing plugins and middleware. You can also build new plugins easily in just about any language. There’s no need to worry about being boxed in by existing plugins and middleware – you can extend functionality if and when you need to. This allows for deep customisation of the product so that each component functions exactly as you need it to.
Find out more about Tyk plugins and customization.
In a world reliant on data and the APIs that expose it, it should come as no shock that many companies are exposing their APIs for a fee. Although the parameters around monetisation vary, like charging by rate limit or quota tiers, using APIs to generate revenue is here to stay.
A gateway makes monetising your APIs simple. With Tyk, you can create a custom sign-up flow for developers where they can be redirected to a 3rd party site of your choice, complete payment details and transaction, then be redirected back to Tyk where a developer key is issued upon payment success. Monetising your API with a gateway is simple and easy to manage.
Find out more about how to monetise your APIs with Tyk.
GraphQL capabilities without the downsides
In Tyk’s 3.0 release, we made it possible for developers to use their existing GraphQL services through the gateway, to build new GraphQL services through the Tyk Dashboard, and to create GraphQL endpoints from existing RESTful API endpoints. The Universal Data Graph and GraphQL tools added in the newest Tyk release ease the common pain points and concerns of GraphQL, including:
- introducing a no-code approach to creating GraphQL resources through the Tyk dashboard
- handling all security needs including authentication, authorisation, and providing protection from GraphQL DDoS attacks
- GraphQL engine performance
This new functionality allows you to bring GraphQL services to life quickly, easily, and securely, throughout Tyk’s API management platform.
Bringing API management tools into your stack will greatly improve the ease of development, management, and extensibility of your API offering. The importance of API management in our API-centric world cannot be overlooked. API management tools such as Tyk cover all the facets of best practices that should be applied across your API offering, all wrapped up into one easy-to-use platform.
If you’d like to see a great overview of all the core functionality within Tyk, watch one of our Consulting Engineers, Jason Neves, go through an end-to-end overview of all of our great features, available here. To get started with Tyk today, visit our get started page!