API Management
Agent Based
An agent in API management is an autonomous or semi-autonomous program that:
- Interprets policies or rules
- Monitors API usage
- Takes actions (e.g., throttling, caching, logging, alerting)
- May use AI/ML or decision trees to optimize or modify API behavior
Agents typically reside in:
- API gateways (like Kong, Apigee, or AWS API Gateway)
- Middleware platforms
- Sidecars in service meshes (e.g., Envoy in Istio)
- Client SDKs (for offline handling, caching, retries)
Proxy Based
A proxy is an intermediary between clients and servers. In API management, a reverse proxy is used to:
- Accept client requests
- Apply policies (security, rate limits, etc.)
- Forward valid requests to the backend services
- Log, monitor, and transform traffic as needed
A proxy-based API manager often acts like a traffic cop, enforcing rules before requests hit the actual API services.
Common Proxy-based API Gateways
| Tool | Type | Features |
|---|---|---|
| Kong | OSS & Cloud | Plugins, rate limiting, auth, logging |
| Apigee | Cloud | Policies, analytics, monetization |
| AWS API Gateway | Cloud | Lambda auth, usage plans, CORS |
| Nginx/OpenResty | Self-hosted | Scripting, reverse proxy, caching |
| Tyk | OSS & Cloud | JWT, auth, quotas, caching |
Proxy vs Agent-Based API Management
| Feature | Proxy-Based API Management | Agent-Based API Management |
|---|---|---|
| Central control point | ✅ Yes | ⚠️ Not always centralized |
| Requires client support | ❌ No | ✅ Sometimes (e.g. SDK agent) |
| Latency impact | ✅ Slight (adds hop) | ✅ or ❌ (depends on location) |
| Extensibility | ✅ via plugins | ✅ via scripts or AI logic |
| Offline behavior | ❌ Cannot handle | ✅ Client-side agent can |