
API Gateway Using KrakenD

Users' increasing demand for high-quality web services creates the need to integrate various technologies into our application. This causes the code base to grow larger, making maintenance more difficult over time. A microservices approach offers a solution, where the application is built by combining multiple smaller services, each with a distinct function. For example, one service handles authentication, another manages business functions, another handles file uploads, and so on. These services communicate and integrate through a common channel.

On the client side, users don't need to understand how the application is built or how it functions internally. They simply send a request to a single endpoint, and processes like authentication, caching, or database querying happen seamlessly. This is where an API gateway is effective. It handles user requests and directs them to the appropriate handler. There are several tools available for building an API gateway, such as Kong, Tyk, or KrakenD. KrakenD, for instance, is a high-performance API gateway built with Go, and it includes common functionalities like TLS, load balancing, authentication, caching, rate-limiting, and more.

Let's consider the following example. Suppose we want to use a single domain to serve the main website, the payment API, and the user API, without revealing to the client that these are three separate backend services. Additionally, we want to create a path that combines the results from both the payment and user APIs.

With KrakenD, we only need to create a configuration in a single JSON file and run the KrakenD executable with that configuration.

{
  "$schema": "https://www.krakend.io/schema/krakend.json",
  "version": 3,
  "name": "API Gateway",
  "timeout": "5000ms",
  "cache_ttl": "300s",
  "endpoints": [{
    "endpoint": "/",
    "output_encoding": "no-op",
    "backend": [{
        "url_pattern": "/",
        "host": [ "https://domain.com" ]
    }]
  }, {
    "endpoint": "/api/all",
    "backend": [{
      "url_pattern": "/",
      "host": [ "https://payment.api.domain.com" ]
    }, {
      "url_pattern": "/",
      "host": [ "https://user.api.domain.com" ]
    }]
  }]
}

Then, we can run the API gateway server with a simple command.

krakend run -c krakend.json

Of course, this is just a basic example of what KrakenD can do. There are many more features available, such as monitoring, traffic management, authentication, security, or data manipulation, which we can explore in its documentation. Additionally, the executable comes with a built-in command to audit the configuration and provide recommendations for improving the security of the gateway.
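As a complement to the built-in audit, the following added example (not part of the original post and not KrakenD's own audit logic) is a small pre-deployment lint for the configuration shown above. The four rules are assumptions chosen for this illustration: a "no-op" endpoint has exactly one backend, every backend host uses HTTPS, every endpoint declares the "qos/ratelimit/router" rate limit, and each backend of a merged endpoint sets "group" so same-named keys from different services cannot collide.

```python
import json
from urllib.parse import urlparse

# Constructed sample: the page's configuration, reduced to the fields the checks read.
SAMPLE = json.loads("""
{
  "version": 3,
  "endpoints": [
    {"endpoint": "/", "output_encoding": "no-op",
     "backend": [{"url_pattern": "/", "host": ["https://domain.com"]}]},
    {"endpoint": "/api/all",
     "backend": [{"url_pattern": "/", "host": ["https://payment.api.domain.com"]},
                 {"url_pattern": "/", "host": ["https://user.api.domain.com"]}]}
  ]
}
""")

RATE_LIMIT_NS = "qos/ratelimit/router"  # KrakenD's endpoint rate-limit namespace


def lint(cfg):
    """Return (endpoint, finding) pairs. The rules are this example's own."""
    findings = []
    for ep in cfg.get("endpoints", []):
        name = ep.get("endpoint", "?")
        backends = ep.get("backend", [])
        noop = ep.get("output_encoding") == "no-op"
        # A no-op endpoint proxies one backend as-is and cannot merge several.
        if noop and len(backends) != 1:
            findings.append((name, "no-op endpoint must have exactly one backend"))
        if RATE_LIMIT_NS not in ep.get("extra_config", {}):
            findings.append((name, "no rate limit configured"))
        for i, b in enumerate(backends):
            for host in b.get("host", []):
                if urlparse(host).scheme != "https":
                    findings.append((name, f"backend host {host} is not HTTPS"))
            # Merged responses share one JSON object unless each backend is grouped.
            if len(backends) > 1 and not noop and "group" not in b:
                findings.append((name, f"backend #{i} has no 'group'; keys can collide"))
    return findings


if __name__ == "__main__":
    for endpoint, finding in lint(SAMPLE):
        print(f"{endpoint}: {finding}")
```

Run it against the real file by replacing `SAMPLE` with `json.load(open("krakend.json"))`; an empty result means none of these four rules fired, not that the gateway is secure.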

