On This Page
An API management platform or an API gateway makes basic security easier. With a well-configured gateway, you know exactly which endpoints are open to the world and what parameters they expect. You still have to filter and validate the input according to best practices, but the attack surface is a fraction of what it would be otherwise.
An API management platform handles traffic shaping. Bad actors will misuse and abuse our API. There will also be people who make honest mistakes and run an infinite loop, as well as customers who are really excited about the service. Any one of those can take down our API or drive costs astronomically high. Regardless of the reason, we need to be able to throttle and stop traffic before it hurts us and our customers.
An API management platform lets you worry about other problems. Most teams have enough problems designing, building, documenting, demonstrating, and marketing an API. When we can hand off essential components to reliable third parties, we have to consider it so we can do all the tasks unique to us.
Finally, an API management platform is excellent at logging. One of the biggest challenges for both your customers and your team is understanding "what happened?" The gateways will capture everything and most present it in a clear, consistent manner. A good debugger will save developers - both internal and external - hours of effort and frustration.