Cloud-native API Gateway unifies traffic, microservices, and API gateway capabilities into a single platform, reducing resource overhead while providing full API lifecycle management.
Unified gateway for traffic, microservices, and APIs
Traffic gateways such as NGINX handle global policies like HTTPS offloading, web firewall, and traffic monitoring, independent of backend applications. Microservices gateways such as Spring Cloud Gateway connect to service registries and enforce business-level policies like service governance and authentication. API gateways manage APIs across their full lifecycle — design, development, testing, and publishing — and provide API- and operation-level policy management.
Cloud-native API Gateway combines all three into a single product, supporting the following scenarios:
-
Full lifecycle API management: design, develop, test, and publish APIs from a single platform.
-
Traffic dispatching: route both north-south (client-to-service) and east-west (service-to-service) traffic through a single gateway.
-
Security protection: enforce HTTPS certificate management, web application firewall (WAF), and identity authentication at the gateway layer.
-
Service governance: integrate service registries for service discovery, health checks, and load balancing.
-
Policy management: apply API- and operation-level policies for throttling, quota management, and access control.
-
Resource optimization: reduce infrastructure overhead by consolidating three gateways into one.
The following figure shows the Cloud-native API Gateway architecture:
API-first development with multi-environment management
In an API-first approach, you define APIs before building backend services, establishing clear system boundaries and service contracts upfront. Cloud-native API Gateway manages each stage of the API lifecycle — design, development, testing, and publishing. You can publish APIs to different gateway instances, each connected to its own backend environment.
Unified API hub for cross-system integration
Cloud-native API Gateway provides standardized API design and publishing, enabling you to manage APIs across systems from a single platform. This simplifies upstream-downstream integration and accelerates collaboration. The gateway integrates with Alibaba Cloud services such as Container Service for Kubernetes (ACK), Microservices Engine (MSE), and Function Compute.
Flexible authentication for secure access
Cloud-native API Gateway supports JWT authentication, OpenID Connect (OIDC) based on OAuth 2.0, and Alibaba Cloud IDaaS for social login through Alipay, Taobao, or Tmall. You can also implement custom authentication logic through plug-in extensions.
The following figure shows how Cloud-native API Gateway authenticates requests across north-south and east-west traffic:
