An API gateway acts as the entry point for all requests to your API endpoints. And, ensures secure and reliable access to all API endpoints and microservices in your system.
An API gateway proxies all requests and responses between your API clients/applications and back-end API services. It helps you configure, manage, and secure API endpoints. You can also create and manage API definitions in one of the following ways:
- Upload Swagger OAS specification file
- Create your own API definition
For more information, see Create or upload an API definition.
The following image describes how the API gateway receives the client request and sends the response from the back-end API services:
In Citrix Application Delivery Management, this feature is available for the users who have Premium or Advanced licenses.
Benefits of API gateway
The API gateway provides you the following benefits:
Secures your API endpoints: The API gateway adds a security layer and it protects your API endpoints and back-end API servers from the attacks such as:
- Buffer Overflow
- SQL injection
- Cross-site scripting
- Denial of Service (Dos)
Monitors and improves the API performance: The API gateway provides services such as SSL offloading, Authentication, Authorization, Rate limiting, and more. These services increase the API performance and its availability.
The API analytics provide you the visibility to your API performance metrics and threats to your API endpoints. For more information, see View API analytics.
Manages the API traffic: The API gateway abstracts the complexity of your back-end API infrastructure.
Discovers API endpoints: The API gateway discovers the API endpoints that are in your organization and adds to the API Discovery page.
Manage API gateway
As an administrator, you can create API definitions and deploy the API instances on an API gateway (ADC) in Citrix ADM. For more information, see:
In an API gateway, you can apply security policies. To know how to create an API policy, see Add policies to an API deployment.
Grant API gateway configuration and management permissions
As an administrator, you can create an access policy to grant user permissions for API gateway configuration and management. The user permissions can be view, add, edit, and delete. Do the following to grant permissions:
Navigate to Settings > User & Roles > Access policies.
In Create Access Policies, specify a policy Name and the description.
In the Permissions field, expand Applications and then API Gateway.
Select the required API Gateway pages. Then, select the permissions that you want to grant.
Ensure to grant permissions for the features that are necessary to use an API gateway. For example, if you grant user access to the Deployments page, the following features also require user access:
- Load Balancing (Under Network Functions)
- Content Switching (Under Network Functions)
- Device API Proxy (Under API)
For more information about access policies, see Configure access policies on ADM.