New Insights into Federated API Gateways in Gartner® Hype Cycle™ for APIs, 2023

Seeking greater insights into the role of federated API gateways? A good place to start is the recently published Gartner® Hype Cycle for APIs, 2023 [1], which highlights federated API gateways as a technology at the “emerging” maturity stage with a “high” benefit rating. A copy of the report is available here.

In the Hype Cycle for APIs, 2023 [2], Gartner observes that, “Federation coordinates multi-vendor API gateways. This enables businesses to gain the advantages of native API technologies in multi cloud and on-premises environments, while minimizing the complexity of governance and administration. Federated API gateways help businesses comply with industry regulations regarding data location and API standards, have an agile architecture for innovation, and better assimilate systems acquired through mergers and acquisitions.”

At WSO2, we couldn’t agree more. In our work with enterprises across the globe, we’ve been seeing a subtle, yet significant transformation take place, driven by the evolving needs of both users and businesses alike, which is prompting us to reconsider the conventional approach of relying solely on a single, centralized API gateway. Instead, there is a growing preference for a more adaptable and flexible distributed API management architecture.

Many organizations now recognize that the reliance on a traditional, centralized API gateway no longer aligns with the intricate arrays of demands of cloud native applications and digital services that rely on a multitude of APIs from various resources. This realization has paved the way for a shift towards the adoption of multiple federated API gateways designed to operate across different regions, various cloud platforms, and hybrid deployments. The strategic move to implement multiple federated API gateways is also a direct response to the heightened importance of business continuity and operational efficiency.

However, enterprises face numerous complexities when it comes to managing federated API gateways within a distributed architecture. These typically arise from the requirement to effectively coordinate, govern, and maintain a consistent experience across multiple gateways, each catering to different regions, clouds or environments.

Meanwhile, when identifying challenges to federated API gateways, the Gartner Hype Cycle for APIs, 2023 [3] notes, “A lack of policy standardization causes vendors to have independent opinions of gateway policies and how they are defined.”

We are all too familiar with the challenges of implementing federated gateways, which have arisen because there is no single, standardized gateway management API being universally applied across all the diverse API gateways available today. Instead, current gateway vendors deliver their functions and capabilities in a proprietary way with widely differing strategies and interface implementations. This has resulted in issues across five key areas:

• Policy and configuration management: Changes need to be deployed without disrupting services or causing conflicts, but updating policies, configurations, and routing rules across different gateways can be error-prone.
• Consistency and policy enforcement: Ensuring uniformity in API policies, security measures, and data governance across multiple gateways can be difficult. It requires a mechanism to enforce and update policies consistently across all gateways while accommodating local variations.
• Visibility and monitoring: Monitoring and tracking the performance, usage, and health of APIs across disparate gateways can be intricate. Enterprises need tools and systems that offer centralized visibility to identify issues, ensure compliance, and optimize resource allocation.
• Version control and lifecycle management: Managing API versions, updates and deprecations consistently across various gateways is vital, but keeping track of changes and ensuring backward compatibility while transitioning can be challenging.
• Interoperability: Ensuring smooth communication and data exchange between gateways is essential, but integrating with existing systems, applications and workflows across different gateways can be difficult and time-consuming.

To address these challenges, it is imperative to establish a unified and standardized gateway management API. This not only promotes consistency; it also simplifies the management of policies, configurations, and routing rules across multiple gateways. In this context, the Kubernetes Gateway API project emerges as a pivotal advancement.

The Kubernetes Gateway API project is a strategic solution designed to address the inherent complexities of governing distributed API gateways. By introducing a standardized interface and set of specifications, this project provides a unified approach to managing API gateways within Kubernetes environments. This initiative brings together industry best practices, well-defined protocols, and a cohesive structure, enabling seamless communication and collaboration among diverse gateways.

Envoy, which implements the Kubernetes Gateway API, has emerged as the preferred solution for re-architecting API gateways, since the open-source edge and service proxy has been designed specifically for cloud native applications. Additionally, its adaptability, scalability, and strong security features make it an excellent choice for managing API traffic in diverse cloud environments. For these reasons, we believe federated API gateways based on the Envoy proxy will have a crucial role in enhancing an enterprise’s overall API management architecture.

You can read more in our recent blog post, "The Future of API Gateways on Kubernetes."

[1] Gartner, Hype Cycle for APIs, 2023, Mark O'Neill, John Santoro, July 25, 2023.

[2] Gartner, Hype Cycle for APIs, 2023, July 25, 2023.

[3] Gartner, Hype Cycle for APIs, 2023, July 25, 2023.

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, and HYPE CYCLE is a registered trademark of Gartner, Inc. and/or its affiliates and are used herein with permission. All rights reserved.

Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.