API Gateway overview

When you add API Gateway to your product, you gain the following benefits:

Access control

  • Validate JSON web tokens (JWT) and API keys at the edge to offload your identity provider (IdP) and reduce the number of network round trips.
  • Create API keys and manage their life cycle.
  • Authenticate traffic before it reaches your origin server.
  • Reject undesirable API calls.

Traffic management

  • Set and enforce limits on incoming API requests per unit of time and per API consumer.
  • Grant appropriate levels of API access to internal teams, strategic partners, and developers based on a pricing tier, service they use, or other criteria.
  • Reduce operational burden by setting the amount of API load that can be consumed.

Reporting

  • Learn how API consumers use your APIs.
  • Review traffic and error patterns to optimize your API delivery.

Policy definition

  • Use common API definition formats (Swagger 2.0, Swagger 3.0, and RAML 0.8) to onboard APIs.
  • Use API interfaces to programmatically control product features.
  • Set routing rules for API traffic.

Cloud advantages

  • Set up unlimited proxies.
  • Reduce latency through worldwide server deployment.
  • Store API responses with extensive caching options.
  • Operate your API in a PCI, HIPAA, and FedRAMP certified environment.

More protection and reliability

Using API Gateway, you can configure the following delivery settings to enhance the protection and reliability of your system:

API privacy. Determine whether API keys should govern access to your registered API endpoints and resources.

JWT validation. Authenticate API consumers with JSON web tokens‚ÄĒan open standard (RFC 7519) that defines a compact and self-contained method for securely transmitting information between parties encoded as a JSON object.

Cross-origin resource sharing (CORS). Enable user agents to request restricted resources from external domains outside the domain that served the first resource.

Caching. Specify properties such as the maximum age of cached content, caching HTTP error responses, and downstream cacheability for API clients.

GZIP compression. Ensure the proper compression of content-types for bandwidth savings.

Error response customizationBETA. Customize the response bodies, status codes, and headers of selected errors.

GraphQL cachingBETA. Set specific caching instructions for APIs that use GraphQL to deliver structured content to API clients.

All sections in this guide help you register APIs and configure API Gateway features through the API Definitions, API Keys and Traffic Management user interfaces. If you prefer to do this programmatically, use the Akamai administrative APIs and see the following documents for guidance:

Before you register an API configuration in API Definitions and start using API delivery features, you first have to set up a property configuration in Property Manager. You also need to add appropriate permissions to user roles in Identity and Access Management.

Learn more about API Gateway

Apart from the features available in the API Gateway module, you can use other tools to improve the performance of your system.

Property Manager online help

The Property Manager online help provides useful information about different elements of Property Manager, including properties, rules, and behaviors.

If you want context-specific help for any item in a Property Manager window, you can select the help icon next to it. For broader support, select the help button at the top of the page.

User guides and other documentation

You can access a full suite of user manuals, implementation guides, and other documentation by clicking the Support link in ‚ÄčAkamai Control Center‚Äč. On the Support page, the Knowledge sidebar contains a knowledge base search field and links to various resources.