Contents

Introduction to API Gateways

What is an API Gateway? There has been much ink spilled on the internet on this topic.

I think the NGINX Website sums it up succinctly.

An API gateway takes all API calls from clients, then routes them to the appropriate micro-service with request routing, composition, and protocol translation. Typically it handles a request by invoking multiple micro-services and aggregating the results, to determine the best path. It can translate between web protocols and web‑unfriendly protocols that are used internally.

An e-commerce site might use an API gateway to provide mobile clients with an endpoint for retrieving all product details with a single request. It invokes various services, like product info and reviews, and combines the results.

Here is a diagram that shows that definition.

All of the leading cloud providers have a product that is some form of an “API Gateway” and there are other open source versions as well.

The API Gateway can provide many different benefits that the back-end services may not be able to handle.

  • Conversion of data formats and translation
    • XML to JSON
    • JSON to CSV
  • Stripping out sensitive data from existing API
    • For an example a person API may have SSN but most clients should not see it. The gateway can remove it for certain clients.
    • Some SAAS API’s are not meant to be called by end users as they are “super user APIs”. You can use an API gateway to use the super user API but not allow super user actions
  • Consolidating many API calls into one.
    • You may have many different back-end systems. Your gateway can make those calls for the client and consolidate the response. This simplifies the development for the client.
  • Adds “Modern Authentication” to legacy back-end systems like oAuth.
  • Adds API to legacy back-end systems
  • Protects back-end systems from direct attacks
  • In the case of APIGEE, they are monitoring and responding to internet threats and bot attacks in real time with machine learning.
  • Rate limiting for back-end systems.
  • Mocking back-end systems during development.
  • Caching of back-end data
  • You can enforce rate limits.
  • If your PeopleSoft system is down for maintenance:
    • You can still serve cached responses from the gateway.
    • You have a central place to manage better HTTP responses and determine who was not able to connect during downtimes (centralized logging)
  • Better support of API versioning
  • Better logging support and metric data collection.
  • You can re-write or transform the request and response data coming into and out of PeopleSoft.
    • This can be helpful in situations where there is an actual error but the message structure seems to show HTTP status codes of success which is typical with the HTTPListeningConnector.
    • You can use on “Super User API” that is filtered to provide a new API that has less data. For example, if you have a “Get Person API” that returns home address, SSN, Birth Date, and Names you could use that API but filter the response on the gateway to only return the Name information for a limited client. This allows you to better re-use existing PeopleSoft code.
Author Info
Chris Malek

Chris Malek is a PeopleTools® Technical Consultant with over two decades of experience working on PeopleSoft enterprise software projects. He is available for consulting engagements.

Work with Chris
PeopleSoft REST APIs in Minutes, Not Months
PeopleSoft Simple Web Services (SWS)

SWS turns SQL into production REST APIs — ready for AI, modern apps, and partner integrations. One install, unlimited potential.

  • Configuration-driven, no coding required
  • JSON, XML, and CSV output
  • Works across all PeopleSoft pillars
  • Built on 25+ years of PeopleSoft expertise
Read More & Purchase
Looking for pain-free PeopleSoft web services?
PeopleSoft Simple Web Services (SWS)

A powerful PeopleSoft bolt-on that makes REST web services easy. You bring the SQL, SWS handles the rest.

  • Go from idea to production in minutes
  • Zero code migrations after install
  • JSON, XML, and CSV output supported
  • No PeopleCode or Integration Broker expertise required
Read More & Purchase
Stop Building PeopleSoft Web Services the Hard Way
PeopleSoft Simple Web Services (SWS)

Traditional PeopleSoft web services cost $3,600–$13,000 each to develop. SWS deploys production REST APIs in under 5 minutes through configuration alone.

  • No PeopleCode or Integration Broker expertise required
  • Works across Campus Solutions, HCM, and Financials
  • Built-in pagination, caching, and nested data structures
  • Trusted by institutions across higher education and government
Read More & Purchase
PeopleSoft REST APIs for AI, Modern Apps, and Integrations
PeopleSoft Simple Web Services (SWS)

Turn PeopleSoft data into clean REST APIs for AI integrations, modern applications, and vendor data feeds. Configuration-driven — no PeopleCode required.

  • Deploy production APIs in under 5 minutes
  • AI and LLM ready (RAG, chatbots, intelligent search)
  • JSON, XML, and CSV output
  • Zero modifications to delivered PeopleSoft objects
Read More & Purchase