Sign in to track progress and bookmarks.
You don't want your mobile app to have 50 different URLs for 50 different microservices. An API Gateway provides a single entry point (e.g., api.toolliyo.com) that routes traffic to the correct internal service. We use Ocelot in .NET to build powerful, lightweight gateways.
The gateway can "Aggregate" multiple calls. If a mobile app needs "User Info" and "Last 5 Orders," it makes ONE call to the gateway. The gateway then calls Service A and Service B in parallel, merges the JSON, and returns it to the phone.
Instead of implementing **Authentication**, **Rate Limiting**, and **Logging** in every single microservice, you do it ONCE in the gateway. The internal services can then trust that any request reaching them has already been validated.
// ocelot.json configuration
{
"Routes": [
{
"DownstreamPathTemplate": "/api/users/{everything}",
"UpstreamPathTemplate": "/users/{everything}",
"DownstreamHostAndPorts": [ { "Host": "identity-service", "Port": 80 } ]
}
]
}Q: "What is a 'Leaky Gateway' and how do we avoid it?"
Architect Answer: "A Leaky Gateway happens when you start putting too much **Business Logic** into the Gateway. The Gateway should only care about **Routing** (Networking). If you start calculating discounts or creating database records inside the gateway, you've created a new Monolith. Keep your gateway 'Thin' and move business logic back into the specialized microservices where it belongs."
Quizzes linked to this course—pass to earn certificates.
On this page
1. Routing and Aggregation 2. Cross-Cutting Concerns 4. Interview Mastery