Skip to main content

Developer Portals with Multiple API Gateways: A Flexible Solution

Benefits

No additional software agents

Seamless user experience

All capabilities of API gateways are available

The Issue

Different toolchains, jargon, and offerings: problems you might have

Since gateways primarily hold technical information, such as internal terminology and setup details, directly exposing data from them can result in a poor user experience

Each API provider uses a preferred toolchain, like integrating CRM systems for API key management, so rigid workflows for provisioning or listing API keys are ineffective

Every API provider and gateway has unique solutions, offerings, and needs, so a one-size-fits-all developer portal solution doesn’t work.

The Solution

Composable Authorization Architecture: a flexible solution 

These issues have shown us the need for a pluggable architecture where we can swap out components. Our approach is component-based, and by relying on this method (aka the Composable Authorization Architecture), one can keep their preferred gateways on one developer portal without vendor lock-in, feature loss, or latency.

Proxies versus a Superset of multi-gateway 

With multiple gateways in the picture one commonly used method is relying on proxies. Proxy providers focus on elements that are common in every gateway. As users can only have access to those features that are available on every gateway, feature loss is inevitable. 

Composable authorization architecture means a ‘superset of multi-gateway’. We rely on an open source extension of Drupal (Webform) that provides a flexible form builder framework with a set of reusable form elements. Data distribution is controlled by handlers: they can send the data to different locations, including but not limited to API gateways. It is a direct integration, which means faster and more efficient communication, as there is no need for translation.

A table that explains the differences between proxies and our solution. Our solution, the composable authorization architecture: keeps every gateways’ uniqueness, direct connection instead of translation, cheaper maintenance, allows diversity and complexity, and unified developer experience without the negatives. Proxy: only keeps common elements from every gateway, relies on translations, additional maintenance costs, features loss is inevitable, and different operational principles.

Building blocks of flexible provisioning flow 


Thanks to the pluggable elements, gateway capabilities can be extended, the form handler is capable of sending API key requests to various API gateways, CRMs or ticketing systems. Webforms can also be embedded to other systems as wireframes. 

The form can grow with the team as it’s adjustable without technical help. Aggregation across companies can also be addressed, providers have the opportunity to display the elements that only belong to them.

 

We have the building blocks, you bring the requirements.
 

Do you have questions or want to know more? Don’t hesitate to reach out or read our article on the topic. 

Contact us » Learn more »

Newsletter

Articles on devportals, DX and API docs, event recaps, webinars, and more. Sign up to be up to date with the latest trends and best practices.

 

Subscribe