Look Inside

Tap to view

Understanding API Gateways
What is an API Gateway? Roles and responsibilities, how they differ from HTTP proxies and WAFs, and the main types of gateways.
How an API Gateway works?
Routing, message flow, plugins, expression languages
Deployment Strategies
Stand-alone vs. containerized, placement in the DMZ, and clustering.
Installation and ApiOps
Setting up infrastructure, pipelines, and Git-based workflows.
OpenAPI
Configure gateways directly from OpenAPI documents and enable validation.
Orchestration
Combine calls, aggregate responses, and handle errors gracefully.
API Security
Authentication, TLS, attack protection for JSON and GraphQL, API keys, tokens, OAuth 2, OIDC, and JWT.
CORS
Using APIs with CORS, origins and preflight configuration.
Traffic Control
Apply routing rules, rate limits, quotas, and throttling.
Performance
Latency and bandwidth. How fast is an API Gateway?

Membrane Installation and Configuration
First steps, Getting started
Routing Traffic
Routing based on path, method, host, dynamic with if, ...
Internals
Exchange and message, properties
OpenAPI
Configuration, validation, rewriting
Transformation
JSON and XML mapping, field masking, schema evolution, versioning
API Security
SSL/TLS, validation of JSON Tokens, OAuth2, OpenID Connect
Legacy Integration
Mocking a Web Service, routing SOAP, WSDL support, XML to JSON transformation
Observability
Structured logs, tracing, metrics, dashboards

The book contains many configuration examples, API requests, and URLs. In the PDF version, these snippets can be difficult to copy.

This file provides the same snippets in an easy-to-copy format, so you can paste them directly into Membrane configurations or your terminal.