The key feature of API Gateways is the access to all system requests, services they target, and outgoing responses. This position enables capabilities that go beyond simple routing.

Let’s peek into these capabilities.

API Versioning
If multiple API versions exist, the Gateway can forward requests targeting specific API versions to the matching service implementations, centralizing backward compatibility.

Canary Deployments
The Gateway can route portions of traffic to new service instances running updated code. As it has access to request and auth data, it can do so based on routes, headers, regions, or tenant attributes.

Basic validation
The Gateway may check for oversized payloads and validate basic schema constraints before traffic reaches services, reducing unnecessary system load.

Request / Response transformation
The Gateway may enrich requests, e. g. inject tenant data or correlation IDs. In the same manner it can reshape responses, e. g. by hiding internal fields from response payloads.

Data aggregation
In simple cases, the Gateway can split a request across multiple services and combine responses before returning them, reducing the need for separate aggregation services.

Caching
The Gateway can cache common GET requests, improving latency for high-traffic endpoints and protecting downstream services from excessive load.

The API Gateway is not just a router and observer — it is a policy enforcement and traffic management layer.