API gateways are limited Agents that only act as simple load-balancing proxies in front of actual execution Agents. They only expose API and HTTP trigger endpoints and forward valid requests to the execution Agents. The API gateway Agents will authenticate and validate the requests before forwarding them upstream. The gateways will also throttle excessive requests. The idea is that you can install API gateway agents to public-facing servers, without exposing your actual execution Agents, with connections to internal systems, to public network traffic.

Please note that you do not need an API gateway to be able to use API processes. The execution Agents also directly expose all API process endpoints, and do authentication, throttling, etc. Therefore, if you have a load balancing proxy server already set up for your Agents, you should not need to deploy an API gateway.

API gateways are always configured as part of an Agent group, and by default, they will expose the same API and HTTP triggers as the execution Agents. You can choose to set an API or HTTP trigger as private, which means the gateways will not expose them; they will only be accessible from the internal execution Agents. This can be done by adding the 'private' tag to the API spec or by checking the private flag for the HTTP trigger.

If the Agent group has more than one executing Agent, the API gateway will do simple load balancing between them in a round-robin fashion. The gateway polls each agent every second and removes or adds the agents to the routing pool accordingly. A forwarded request that fails due to an unexpected error, such as a network disconnect or timeout, will also cause the Agent to be removed from the routing pool. The Agent will be returned the pool once the gateway can successfully poll it. The traffic to upstream Agents will be routed to their configured external URLs.

API gateways are installed with the same installer as any other Agent; the configuration tells the Agent to work in proxying gateway mode. Because API gateways do not need to synchronize with other Agents, they can be installed without any external dependencies (apart from the service bus connection), using individual LocalDB instances.

Did this answer your question?