Evolving an API is difficult because initial development focuses on domain modeling, not long-term versioning strategies.
An API gateway is a specialized reverse proxy that handles modern, complex requirements like dynamic configuration and client-specific rate limiting.
The first step is to configure the API gateway to proxy requests to the existing upstream service without any downtime.
Introduce a versioned path like /v1 and use the API gateway to rewrite the request path before forwarding it to the upstream service.
Deprecate the old, unversioned endpoint by configuring the API gateway to return an HTTP 301 permanent redirect to the new versioned URL.
Use a custom Lua plugin to enforce rate limits on unauthenticated users, prompting them to register to get an API key for unlimited access.
Safely roll out the new API version by configuring the gateway to split a percentage of production traffic between the old and new upstreams.
Formally deprecate the V1 endpoint by adding Deprecation, Link, and Sunset headers to the response, guiding clients to the new V2 endpoint.
The audience asks questions about rate limiting per token, managing multiple versions, reverting changes, and the definition of API management.
Bitpanda
Vienna, Austria
28:55James Seconde
27:17Bastian Eicher
46:48Stefan Priebsch
20:29Simon Auer
58:52Hans Hosea Schäfer
28:12Josip Stuhli
29:30Yousaf Nabi
28:16Alexis Yushin
Jobs that call for the skills explored in this talk.
Eliassen Group
Madison, United States of America
Etixway
Paris, France
Eliassen Group
Charleston, United States of America
