DEV Community


Discussion on: How do you protect your backend API in your microservice if you use a Single Page Application on the frontend?

djviolin profile image
István Lantos Author

In the last few days I checked some API gateways and dumped it down to these solutions:

Traefik seems a nice little project, but doesn't feature any authorization service and the biggest minus is cannot be extended with plugins (to have some kind of auth), but there is a PR request regarding this, based on Go's newest Plugin library:

Kong, Tyk, and KrakenD seems nice projects, they are also extensible with plugins.

Looks like these projects also managing load balancing and rate limiting, so using HAProxy is obsolute?

usamaashraf profile image
Usama Ashraf

Largely subjective. You might even try developing your own gateway, nothing wrong with that.

I'd prefer using load-balancing, rate-limiting features if they ship with the gateway. Though consider caching as well.
Else, an Nginx/HAProxy instance could be placed in front of multiple instances of the gateway. Best of luck!