GraphQL as the New API Gateway?
GraphQL has proven itself as the technology positioned to change the way we build modern APIs. Various companies have been using GraphQL to transform the way they interact with their APIs.
Rarely is the composability it adds to your API architecture discussed, as GraphQL doesn’t only give you increased flexibility and performance gains. You can also use it to manage your APIs, for example, by implementing it as an API gateway.
Benefits of an API Gateway
Using an API gateway in front of all the APIs in your API architecture is not a new concept. For years, companies have been using API gateways to manage internal APIs, often SOAP or REST APIs, exposed by their services or microservices.
The API gateway plays a vital role in giving consumers of these APIs a unified experience. API gateways let you do, for example, rate limiting, handle access control or manage the versioning of your APIs. Some API gateways even provide load balancing, monitoring and security tools.
An API gateway is often a reversed proxy layer that provides a single point of entry into all your APIs. Instead of having to keep track of all your services individually, you can create a mapping of all the different endpoints your APIs expose.
This means you no longer have to send separate requests with varying parameters to each API, but you can send one request that will return all the information your application needs.
Combine APIs with GraphQL
GraphQL is a great technology to combine different microservices that, like an API gateway, can provide a single entry point into a company’s APIs. However, using GraphQL as the API gateway in your API architecture is not common yet. This is strange as GraphQL gives you many of the benefits you get from an API gateway at no additional cost.
GraphQL lets you combine requests to different services into one single request while giving you a version-less API. GraphQL lets you control both the shape and result of the response of a request, while API gateways only let you control the request itself.
One consumer of your GraphQL API might need only a subselection of the response, while another needs the full response. Without GraphQL, you cannot limit which data will be returned without creating a new endpoint for this response.
Depending on the framework or service you use for your GraphQL API, you can handle access control or rate limiting out of the box, just as you would for an API gateway. At StepZen, we let you configure GraphQL APIs with declarative code only, meaning you can manage your microservices’ APIs with code instead of an admin interface.
GraphQL Versus API Gateways
By using GraphQL as an API gateway, you can get the same benefits as using a regular API gateway, depending on the framework or service you use to create a GraphQL API and more. For example, developers who use StepZen to create a GraphQL API declaratively get the added benefit of load balancing, monitoring/analytics and security when using StepZen’s managed service.
Also, you get insights into the structure of your APIs, as GraphQL exposes a schema with all the response types and operations the GraphQL API supports. Even if your underlying APIs don’t have a specification, the GraphQL API will contain a specification for these APIs. This improves both the developer experience and discoverability of your APIs without having to invest in additional documentation.
