CommunityDEENDEENProductsCore ServicesRoadmapRelease NotesService descriptionCertifications and attestationsPrivate CloudManaged ServicesBenefitsSecurity/DSGVOSustainabilityOpenStackMarket leaderPricesPricing modelsComputing & ContainersStorageNetworkDatabase & AnalysisSecurityManagement & ApplicationsPrice calculatorSolutionsIndustriesHealthcarePublic SectorScience and researchAutomotiveMedia and broadcastingRetailUse CasesArtificial intelligenceHigh Performance ComputingBig data and analyticsInternet of ThingsDisaster RecoveryData StorageTurnkey solutionsTelekom cloud solutionsPartner cloud solutionsSwiss Open Telekom CloudReferencesPartnerCIRCLE PartnerTECH PartnerBecome a partnerAcademyTraining & certificationsEssentials trainingFundamentals training coursePractitioner online self-trainingArchitect training courseCertificationsCommunityCommunity blogsCommunity eventsLibraryStudies and whitepaperWebinarsBusiness NavigatorSupportSupport from expertsAI chatbotShared ResponsibilityGuidelines for Security Testing (Penetration Tests)Mobile AppHelp toolsFirst stepsTutorialStatus DashboardFAQTechnical documentationNewsBlogFairs & eventsTrade pressPress inquiriesCommunity

0800 3304477 24 hours a day, seven days a week

Write an E-mail 

Book now and claim starting credit of EUR 250
ProductsCore ServicesPrivate CloudManaged ServicesBenefitsPricesPricing modelsPrice calculatorSolutionsIndustriesUse CasesTurnkey solutionsSwiss Open Telekom CloudReferencesPartnerCIRCLE PartnerTECH PartnerBecome a partnerAcademyTraining & certificationsCommunityLibraryBusiness NavigatorSupportSupport from expertsHelp toolsTechnical documentationNewsBlogFairs & eventsTrade pressPress inquiries
  • 0800 330447724 hours a day, seven days a week
  • Write an E-mail 
Book now and claim starting credit of EUR 250
HomeProducts & ServicesCore ServicesAPI Gateway

API Gateway (APIG)

API Gateway (APIG) Dedicated is a high-performance, high-availability, and high-security API hosting service that helps you build, manage, and deploy APIs at any scale. With just a few clicks, you can integrate internal systems, and selectively expose capabilities with minimal costs and risks. The API Gateway Dedicated is hosted on exclusively allocated cloud resources in your tenant.

API Gateway helps you to monetize your service and data capabilities, you can open them up by creating APIs in APIG. Then you can provide the APIs for API callers using offline channels.

You can also obtain open APIs from APIG to reduce your development time and costs.

Person mit Smartphone in der Hand bedient eine API
 
 

Reasons for APIG in Open Telekom Cloud

Icon mit Häkchen und Server

Available out-of-the-box


You can quickly create APIs by configuring the required settings on the API Gateway console. API Gateway provides an inline debugging tool to simplify API development and allows you to publish an API in multiple environments for easy testing and fast iteration.

Icon mit Zyklus-Symbol und Zahnrad

Convenient API Lifecycle 
Management 

API Gateway provides full-lifecycle API management, including design, development, test, publish, and O&M, to help you quickly build, manage, and deploy APIs at any scale.

Icon mit Server und Schutzschild

Comprehensive security protection

API Gateway provides multiple measures to secure API calling, such as Secure Sockets Layer (SSL) transfer, strict access control, IP address blacklist/whitelist, authentication, anti-replay, anti-attack, and multiple audit rules. In addition, API Gateway implements flexible and refined quota management and request throttling to help you flexibly and securely open your backend services.

Key Features of APIG

Verwaltung und Bereitstellung von APIs über eine Benutzeroberfläche

Administration & deployment

API Gateway (APIG) is a fully managed service that enables you to securely build, manage, and deploy APIs at any scale with high performance and availability. With APIG, you can easily integrate your internal service systems and selectively expose your service capabilities through its API opening and API calling functions. More information here. The API Gateway can also be used to publish functions.

 
Clipboard icon

Refined request 
throttling

API Gateway combines synchronous and asynchronous traffic control and multiple algorithms to throttle requests at the second level. You can flexibly define request throttling policies to ensure stability and continuity of API services.

Diagram icon

Visualized API 
monitoring

API Gateway monitors the number of API calls, data latency, and number of errors, helping you identify potential service risks.

Family tree icon

Flexible policy routes


You can configure backends for an API to forward requests according to multiple policies. This facilitates dark launch and environment management.

Code icon

SDKs of different programming languages

SDKs of different programming languages (such as Java, Go, Python, and C) are available for access from clients. Because the backends do not need to be modified, only one system is required to adapt to different service scenarios (such as mobile devices and IoT).

 

APIG architecture

Grafik APIG architecture
 

API Gateway Features

 
API lifecycle management

The lifecycle of an API involves creating, publishing, removing, and deleting the API. API lifecycle management enables you to expose service capabilities quick and efficient.

Cloud native gateway

APIG integrates traffic ingress (Kubernetes Ingress) and microservice governance (Kubernetes Gateway API) in one gateway, improving performance, simplifying the architecture, and reducing deployment and O&M costs.

Built-in debugging tool 

With the built-in debugging tool, you can debug APIs using different HTTP headers and request bodies. This tool simplifies the API development process and reduces the API development and maintenance costs.

Version management

An API can be published in different environments. Publishing an API again in the same environment will override the API's previous version. APIG displays the publication history (including the version, description, date and time, and environment) of each API. You can roll back an API to any historical version to meet dark launch and version upgrade requirements.

Environment variables

Environment variables are manageable and specific to environments. Variables of an API will be replaced by the values of the variables in the environment where the API will be published. You can create variables in different environments to call different backend services using the same API.

Request throttling
  • For different services and users, you can control the request frequency at which an API can be called by a user, an app, and an IP address. This ensures that backend services can run stable.
     
  • The throttling can be accurate to the second, minute, hour, or day.
     
  • Excluded apps and tenants can be configured to limit the number of API calls from specific apps and tenants, respectively.
Monitoring and alarm

APIG provides visualized, real-time API monitoring, and displays multiple metrics, including number of requests, invocation latency, and number of errors. The metrics help you understand the API usage, allowing you to identify potential service risks.

Access control

Access control policies are one of the security measures provided by APIG. They allow or deny API access from specific IP addresses or accounts.

VPC channels

VPC channels can be created for accessing resources in Virtual Private Clouds (VPCs) and exposing capabilities of backend services deployed in VPCs. A VPC channel forwards API requests to different servers for load balancing.

Signature keys

A signature key consists of a key & secret and takes effect only after being bound to APIs. Signature keys are used by backend services to verify the identity of APIG and ensure secure access.

Mock response

Mock backends simulate API responses for circuit breakers, service degradation, and redirection.

APIG Specifications of dedicated gateways

Edition

Maximum Number of Requests per Second

Basic

2000

Professional

4000

Enterprise

6000

Platinum

10,000

APIG restrictions

Item

Default Restriction

Modifiable

Gateways

5

Ja

API Groups

1500

Ja

APIs

Number of APIs for each gateway edition:

  • Basic: 250
  • Professional: 800
  • Enterprise: 2000
  • Platinum: 8000

Ja

Backend policies

5

Ja

Apps

50. The app quota includes the apps you have created.

Ja

Request throttling policies

  • You can create a maximum of 300 request throttling policies for each gateway.
  • The call limit for a single user cannot exceed that for the target API.
  • The call limit for a single app cannot exceed that for a single user.
  • The call limit for a single IP address cannot exceed that for the target API.

Ja

Environments

10

Ja

Signature keys

200

Ja

Access control policies

100

Ja

VPC channels

200

Ja

Variables

You can create a maximum of 50 variables for an API group in each environment.

Ja

Independent domain names

A maximum of five independent domain names can be bound to an API group.

Ja

Cloud servers

A maximum of 10 cloud servers can be added to a VPC channel.

Ja

Parameters

A maximum of 50 parameters can be created for an API.

Ja

API publication records

A maximum of 10 publication records of an API can be retained for each environment.

Ja

API access rate

Up to 6000 times per second

Ja

Excluded apps

A maximum of 30 excluded apps can be added to a request throttling policy.

Ja

Excluded tenants

A maximum of 30 excluded tenants can be added to a request throttling policy.

Ja

Access to a subdomain name

A subdomain name can be accessed up to 1000 times a day.

Nein

Maximum size of an API request package

12 MB

Ja

TLS protocol

TLS 1.1 and TLS 1.2 are supported. TLS 1.2 is recommended.

Ja

Custom authorizers

50

Nein

Plug-ins

500

Ja

 

Use Cases

Internal System Decoupling

As enterprises develop rapidly with quick business changes, internal systems of enterprises need to keep pace with the development. However, it is difficult to ensure system universality and stability because internal systems are dependent on each other. APIG uses standard RESTful APIs to simplify the service architecture, decouples internal systems, and separates the frontend from backend. Existing capabilities can be reused to avoid repetitive development.
 

Graphic Internal System Decoupling
Enterprise Capabilities Opening

An enterprise cannot develop without partners' capabilities, such as a third-party payment platform and partner account login. APIG enables you to selectively expose capabilities to partners by using standard APIs and share services and data with partners to build a new ecosystem.
 

Graphic Enterprise Capabilities Opening

Neue Features

New Service API Gateway available in EU-DE regionView Details
API Gateway now integrated with FunctionGraphView Details
Don't want to miss any updates?Visit our portfolio roadmap and discover new services and updates.
Learn more
view all release notes
 

Find out more

Documentation

User Manual
API Reference

 

The Open Telekom Cloud Community

This is where users, developers and product owners meet to help each other, share knowledge and discuss.

Discover now

Free expert hotline

Our certified cloud experts provide you with personal service free of charge.

 0800 3304477 (from Germany)

 +800 33044770 (from abroad)

 24 hours a day, seven days a week

Write an E-Mail

Our customer service is available free of charge via E-Mail

Write an E-Mail

AIssistant

Our AI-powered search helps with your cloud needs.

In order to use our AI-powered seach you must first accept the cookies for services by other companies.

Accept the cookies for services by other companies