Benefits of Lightweight Proxies for API Management J Simpson November 1, 2023 API Management is dead, according to some thought leaders in the API community. In March 2023, Christian Postas sounded the death knell for full lifecycle API management. Citing a few reasons for the alleged death of API management, Postas states, “Any API management system must fit within a modern development environment that is often multi-language, multi-platform, and multi-cloud. This infrastructure must also fit natively with Git-based deployment workflows (GitOps), including systems built for CI/CD.” API management portals have a tendency to end up as just another silo. In Postas’ words, “In practice, traditional full lifecycle API management systems create silos by forcing users into an all-or-nothing set of tools for defining, implementing, testing, and exposing APIs even if these differ from what a development team wants to use.” While the intentions are likely pure, end-to-end API management solutions often end up being too large to be useful. They can even make automation unwieldy and inefficient, which defeats one of the main points of API management in the first place. As further evidence of this trend, during this year’s Global API Days, Gartner’s Chief of Research for Software Engineering Mark O’Neill predicted a surge in interest in lightweight API proxies as part of a greater trend in the API industry. Kin Lane has also written about “the great unbundling of API management.” Some developers are pivoting to using lightweight proxies rather than monolithic API management portals. But are lightweight proxies actually robust enough for API management at the enterprise level? Let’s dig in and find out some benefits of lightweight proxies to help you decide if they’re suitable for your API management needs. What Are Lightweight Proxies? Lightweight proxies serve as a gateway between API consumers and the backend. Generally speaking, lightweight proxies and gateways have limited features compared to full API management solutions. They essentially wrap an existing API and expose it via a dedicated endpoint. These solutions usually offer basic security and API monitoring features, so they’re well-equipped for most basic and intermediate API applications. Lightweight proxies are essentially lightweight API gateways. To put it simply, all API gateways are API proxies, but not all API proxies are API gateways. API gateways usually feature more advanced security options and offer support for microservices. They also offer more support for transformation, service orchestration, mediation, and DoS prevention. Related: 6 Open-Source API Gateways Benefits of Lightweight Proxies for API Management Now, let’s find out if lightweight API proxies are a good fit for API management in your organization. Unbundles Functionality Between API and Backend Decoupling APIs from the backend is one of the most traditional uses for an API proxy, and it’s one of the main advantages of using API proxies for API management. It’s basically always a best practice to have some form of abstraction layer in place for your APIs, as it prevents everything from unnecessary breakage to potentially exposing vulnerable data and potential security risks. API Proxies Are Modular In his presentation for API Days, O’Neill also noted how many modern organizations feature multiple gateways, citing the example of one gateway for internal APIs, another for cloud-based APIs, and then a public-facing API gateway. Each of these gateways has the potential to become a silo, defeating the purpose of having an API gateway in the first place. In this scenario, it might make more sense for an organization to use a lightweight proxy for each component and then bundle them back together under one monolithic API management at the end. Limits API Sprawl API sprawl is a menace to the digital economy. Sprawl could significantly increase your API vulnerabilities, exposing more API surface area to be exploited by cybercriminals and expanding the likelihood of a data breach. Lightweight API proxies could reduce the risk of API sprawl, helping developers to quickly wrap security features around various APIs simultaneously. Lightweight API Proxies Can Be Inexpensive One of the biggest and most obvious reasons to look into lightweight API management options is cost. Traditional API management systems can be expensive. API proxies are often very inexpensive, if not completely free. This is an easy way to reduce overhead, allowing you to pass the savings onto your customers and giving you an advantage over your competition. Decreases API Redundancy When an API’s consolidated to one endpoint, you greatly limit the likelihood of unnecessary resources and components. Having everything in the same place at the same time makes it much more obvious when something’s out of place or running when it shouldn’t be. Disadvantages of Using An API Proxy Of course, there are also some drawbacks to using API proxies for API management. Here are some things you should remember if you’re considering using a lightweight API proxy for API management. Limited Functionality Not all API proxies are fully-fledged API gateways. A complete API lifecycle management system usually offers more advanced features like rate limiting, authentication, version control, and monetization. If your API is likely to need this advanced functionality, you might do better to choose a more comprehensive API management solution instead of API proxies. Introduce Processing Time Every API system component adds processing time, introducing latency that could cause your customers and users to turn to your competition. This is especially true with more advanced and resource-intensive processes like rate limiting, caching, or transformations. Make sure to keep this in mind when using API proxies and design your APIs accordingly. Impaired Developer Experience API management can provide some extra bells and whistles that make life easier for developers, resulting in an improved developer experience. Some even support developer portals, automated registration for any third-party APIs, and credential generation for developers. Is API Management Actually Dead? As is often the case, the sensationalist headlines don’t tell the whole story. In the article linked up top that kicked off the whole discourse, they even acknowledge API management isn’t dead — it’s just evolving. This is where Forbes advocates for lightweight API proxies that support runtime environments, as developers want the ability to swap out gateways at their discretion. They go on to cite some of the challenges currently afflicting the API industry. They advocate for bottom-up workflows to enhance the developer experience. API proxies can help return control to individual teams and developers as they’re less yoked to one monolithic API gateway. ‘API management’ frequency on Google Trends According to Google Trends, reports of API management’s untimely demise are greatly exaggerated. Yes, searches are currently down in the United States, but the trend is more of a wave than a straight line. There are still more monthly searches for API management than there were in 2018. The demand for API management is clearly still there. As we have seen, according to many of the leading voices in the industry, lightweight API proxies are API management. You should definitely experiment and explore if and when a lightweight API proxy is a suitable tool for your API management needs. The latest API insights straight to your inbox