All Products
Search
Document Center

API Gateway:What is Cloud-native API Gateway

Last Updated:Jun 23, 2026

Cloud-native API Gateway unifies traffic, microservice, and security gateways into a single architecture for service exposure, traffic management, application ingress, and full API lifecycle management. It delivers 1 to 5 times higher performance than self-built gateways, with battle-tested stability from Double 11, multi-layered security (mTLS, logon authentication, WAF, custom plug-ins), and hot-updatable plug-in extensibility.

Why Cloud-native API Gateway

Advantage

Description

Open source compatibility

100% compatible with open source Higress and NGINX Ingress. Integrates with K8s and improves performance, observability, and ease of use.

Fully managed service

Runs as a fully managed cluster. You focus on business development without handling deployment or O&M.

High availability

Comprehensive monitoring and O&M capabilities that address availability pain points of open source middleware.

Cloud-native architecture

All product components are containerized. Includes a K8s Ingress controller and integrates deeply with container services.

Visual management

Visual interface for API visibility, management, and control.

For more information, see Features and Benefits.

Core concepts

Cloud-native API Gateway provides three types of APIs: REST API, HTTP API, and WebSocket API.

HTTP API

HTTP APIs are route-centric interfaces suitable for K8s Ingress, microservice architectures, and AI (SSE) scenarios, enabling quick service exposure.

  • In Kubernetes, an Ingress manages external access to cluster services with Layer 7 load balancing. The Cloud-native API Gateway Ingress controller extends this with stronger traffic management, compatible with NGINX Ingress and over 50 NGINX Ingress annotations (covering 90%+ of use cases). It supports phased releases, flexible service governance, and security protection for large-scale cloud-native distributed applications.

  • When fine-grained API management is not required, configure routes to direct requests to backend services. Routing paths (such as /user/*) are coarser than API operations, enabling quick access configuration and system interaction.

HTTP APIs target development and O&M teams. Routes split business logic and simplify service interaction.

REST API

REST APIs are resource-oriented interfaces that use standard HTTP methods (GET, POST, etc.) to operate on resources. They suit API-first development, cross-team collaboration, and fine-grained API management.

  • An API-first approach designs APIs before building backend services, defining system boundaries and service interactions upfront.

  • Fine-grained management suits scenarios where services are exposed to partners or across internal/external systems. Providers expose specific interfaces, configure per-interface traffic policies, and supply API documentation for consumers.

REST APIs target business-centric teams, promoting cross-team collaboration and rapid iteration.

WebSocket API

WebSocket APIs provide a persistent connection protocol for bidirectional, real-time communication. They support efficient data transmission for applications such as AI, IoT, games, instant messaging, and stock quotes.

WebSocket APIs follow the same route-centric usage path as HTTP APIs, with a longer default timeout period.

Features

Feature

Description

References

API lifecycle management

Manage APIs across their full lifecycle: design, development, testing, publishing, and unpublishing.

API management

K8s Ingress controller

Supports K8s Ingress controller.

N/A

Security authentication

Integrates authentication and logon systems. Supports HTTPS certificates, IP blacklists/whitelists, authentication and authorization (JWT, OIDC, IDaaS), and unusual traffic scrubbing.

Security Management

Observability

Global dashboards, instance monitoring, log retrieval, business TOP lists, log delivery, tracing analysis, and alerts.

Observation and Analysis

Traffic governance

Throttling, degradation, service discovery, routing, multi-registry support, traffic tagging, and timeout configuration.

Routing

Plug-in Marketplace

Built-in plug-ins for authentication, authorization, traffic management, and security. Upload custom plug-ins to extend capabilities.

Plug-in marketplace

High availability

Built on Envoy. Unifies K8s Ingress and microservice gateways. Supports overload protection, seamless publishing and unpublishing, multi-zone disaster recovery, elastic scaling, and automatic fault recovery. SLA of up to 99.99%.

N/A

Billing

For more information, see Billing.

Activate Cloud-native API Gateway

Go to the Cloud-native API Gateway activation page to activate Cloud-native API Gateway.

Contact us

For questions about Cloud-native API Gateway, join the DingTalk group (ID: 88010006189) or submit a ticket.