
API Facade Pattern: Technology for versioning, firewalls, caching

Brian Mulloy
Apr 10, 2012

In the previous post about technologies to implement an API facade, we covered setting up your test and production environment with DNS settings, a Cloud Platform, Web servers, app servers and an API Gateway. This time we'll summarize the technologies to handle some of the more common use cases including versioning, caching and securing with a firewall. 

Versioning & URL routing
Once you've got subdomain routing taken care of, as discussed in our previous post, Technology for Set Up, you can look at designing to handle multiple versions.

This is a similar scenario to subdomain routing, but in this case you're doing URL parsing. Here, for example, a request comes in for v2.

v1 of your facade may point at an old system, while v2 points at a new system. In this way, you have a simple way to shunt between two IP addresses and handle the scenario in which you need multiple versions of your API available.

You want app requests coming through the API facade. You don't want anyone figuring out the IP address to which your facade is pointing and bypassing it. If the API facade is bypassed, you'll be unable to track the requests and unable to apply the API design logic you've built into your facade.

To counteract this, you create a firewall to block all the API traffic with the exception of the trusted IP address of the facade. That is, you ALLOW only the IP address of the facade in the firewall. Your system is then secure with all requests coming through the facade.
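
The version routing and the allow-list described above can be sketched together as follows. This is an added example, not code from the original post; the IP addresses (taken from documentation ranges) and the function names `route` and `backend_accepts` are assumptions made for illustration.

```python
import ipaddress
import re

# Assumed addresses for illustration (documentation ranges, not from the post).
UPSTREAMS = {"v1": "192.0.2.10", "v2": "192.0.2.20"}  # old system, new system
FACADE_ALLOWLIST = [ipaddress.ip_network("198.51.100.7/32")]  # the facade

# A path must start with a lowercase version segment such as /v1 or /v2.
_VERSION_PATH = re.compile(r"/(v[0-9]+)(/.*)?")


def route(path):
    """Facade side: map the version prefix of a request path to an upstream.

    Returns (upstream_ip, remaining_path), or None when the version segment is
    missing or unknown, so the facade rejects instead of guessing a default.
    """
    match = _VERSION_PATH.fullmatch(path)
    if match is None:
        return None
    upstream = UPSTREAMS.get(match.group(1))
    if upstream is None:
        return None
    return upstream, match.group(2) or "/"


def backend_accepts(peer_ip):
    """Backend side: allow a connection only when its TCP peer is the facade.

    peer_ip is the socket peer address. Request headers such as
    X-Forwarded-For are not consulted, because the sender controls them.
    """
    try:
        addr = ipaddress.ip_address(peer_ip)
    except ValueError:
        return False
    # Dual-stack listeners report IPv4 peers as ::ffff:a.b.c.d; unwrap them.
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return any(addr in net for net in FACADE_ALLOWLIST)
```

In a real deployment the allow-list belongs in the network firewall, as the post describes; the backend-side check here shows the same decision in code and can serve as a second layer.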

Geo DNS & Caching
In this scenario, we'll build out our facade functionality some more by adding a geo-distributed DNS. The DNS sends the app to a geographically close API facade, based on the source of the request.

The number one use case for the geo DNS is caching. This is especially important functionality for apps that have a social network element. You can cache information that doesn't cross regions, and clients enjoy a fast experience because the facade is caching the API responses where the requests originated.

So you've added geo DNS, and the API facade has caching capability. You've told the DNS that, based on region, you have 2 different IP addresses to target - either and in our example.


Next, we'll take a look at technologies to implement other common patterns: orchestration across APIs, transformation and compression, and authorization.
