Open Source API Gateway Roundup

Features of API Gateways

API gateways do vary in implementation, but all have certain common features:

  • Data Validation
  • Authentication
  • Versioning
  • Caching
  • Analytics


Tyk is a modular, open-source API gateway. It’s flexible and open-source, so you can integrate third-party middleware or deploy customized plugins, adapting your Tyk implementation for your company’s needs. Tyk allows you to connect every data source, API endpoint, and backend service in your system, making it easy for you to see your APIs, control access, document your APIs, and monitor your API routes. You can implement Tyk as either a self-hosted solution where your organization is responsible for managing the servers used to run Tyk, or you can use it as a fully-managed solution if that works better for your organization.


While NGINX is primarily known as a popular web server, reverse proxy, and load balancer, NGINX can also function as an API gateway. If NGINX is already part of your API tech stack, your team can quickly deploy it as an API gateway, making it an excellent choice. It’s also a good fit for both single-service monoliths and microservice backend implementations.


Gravitee is a popular open-source API gateway that shares a core set of features with the rest of our list with a unique implementation. It allows you to control who accesses your API and how, limit what resources they can use on your API, and add functionality to monitor your API. It’s designed to be quick to implement for developers with HTTP server experience. Gravitee was built to be as lightweight and flexible as possible, so your developers will have minimal overhead while building it so you can create value for your users.


Kong is based on NGINX, an API gateway that has already appeared on our list. Certain unique aspects of Kong have made it a popular choice for organizations of various sizes. Kong is focused on enabling a microservice API architecture at scale and offers a large suite of plugins to accomplish this. You don’t need to install every Kong service to get started. It’s built to be modular and flexible, so you only install the services that your team wants to use.

Extend Your API Gateway

The API gateways we’ve listed go beyond the most common core features of an API gateway, with unique aspects that may make them a better fit for your organization. It’s important to look at your longer-term needs when you evaluate API gateways, so you are not forced to migrate to a different solution later in your product development cycle. All the API gateways we’ve discussed have methods to easily extend their functionality. Your API needs are going to change over time, and you will need to be able to change your API gateway to fit your needs to keep providing the best experience for your users.



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Adam DuVander

Adam DuVander

With APIs and people, anything is possible. Mostly it’s the people.