DEV Community

Cover image for Forward Proxy vs Reverse Proxy vs API Gateways
Rohit Sharma
Rohit Sharma

Posted on

Forward Proxy vs Reverse Proxy vs API Gateways

#proxy #forwardproxy #reverseproxy #apigateway

This is a very common confusion because Forward Proxy, Reverse Proxy, and API Gateway all sit "in the middle" of communication. The difference is who they represent and what additional functionality they provide.

1. Forward Proxy: A Forward Proxy sits in front of the client and acts on behalf of the client.

Client --> Forward Proxy --> Internet Server

The server thinks: "This request came from the proxy."

Example: Suppose your company blocks access to social media.

The company proxy can:

  1. Allow/block websites
  2. Cache responses
  3. Hide your IP address
  4. Log your traffic

Real-world examples: Company Proxies and VPN Servers

2. Reverse Proxy: A Reverse Proxy sits in front of the servers and acts on behalf of the servers.

Client --> Reverse Proxy --> Backend Servers

The client thinks: "I am talking to one server."

But behind the proxy, there may be many servers.

Example

Internet
    |
    v
NGINX
    |
    +--> App Server 1
    +--> App Server 2
    +--> App Server 3
Enter fullscreen mode Exit fullscreen mode

Responsibilities:

  1. Load balancing
  2. SSL termination
  3. Caching
  4. Compression
  5. Routing

Examples: Nginx

3. API Gateway: An API Gateway is a specialized reverse proxy for APIs and microservices.

Client
   |
   v
API Gateway
   |
   +--> User Service
   +--> Order Service
   +--> Payment Service
Enter fullscreen mode Exit fullscreen mode

It does everything a reverse proxy does plus:

  1. Authentication
  2. Authorization
  3. Rate limiting
  4. API versioning
  5. Request transformation
  6. Response aggregation
  7. Monitoring
  8. API keys
  9. Quotas

Why Definitions Sound Similar? Because all of them:

  • Receive requests
  • Forward requests
  • Return responses 
The real difference is:

Question            Forward Proxy   Reverse Proxy   API Gateway
Represents whom?    Client          Server          Server/API
Sits in front of?   Clients         Servers         APIs/Microservices
Used by?            Internal users  Backend systems Microservices
Authentication?     Rare            Sometimes       Yes
Rate limiting?      Rare            Sometimes       Yes
Aggregation?        No              No              Yes
Enter fullscreen mode Exit fullscreen mode

One-line way to remember

Forward Proxy β†’ protects and represents clients.
Reverse Proxy β†’ protects and represents servers.
API Gateway β†’ a smart reverse proxy specifically for APIs and microservices.

Top comments (0)