re: How do you protect your backend API in your microservice if you use a Single Page Application on the frontend? VIEW POST

TOP OF THREAD FULL DISCUSSION
re: I could be on the wrong track here, but employing a microservices-based architecture without a proper API gateway is considered a bad practice. The...
 

In the last few days I checked some API gateways and dumped it down to these solutions:

getkong.org
tyk.io
krakend.io
traefik.io

Traefik seems a nice little project, but doesn't feature any authorization service and the biggest minus is cannot be extended with plugins (to have some kind of auth), but there is a PR request regarding this, based on Go's newest Plugin library: github.com/containous/traefik/issu...

Kong, Tyk, and KrakenD seems nice projects, they are also extensible with plugins.

Looks like these projects also managing load balancing and rate limiting, so using HAProxy is obsolute?

 

Largely subjective. You might even try developing your own gateway, nothing wrong with that.

I'd prefer using load-balancing, rate-limiting features if they ship with the gateway. Though consider caching as well.
Else, an Nginx/HAProxy instance could be placed in front of multiple instances of the gateway. Best of luck!

code of conduct - report abuse