How to expose REST api microservices to the client?

Question

We are splitting rest api monolith into microservices and we encountered following issue

Let us assume the following

• project is asp.net mvc, hosted on iis
• project is hosted on dedicated server (not a cloud)
• monolith rest api had urls defined such as www.domain.com/orders/ www.domain.com/tickets/ etc

When splitting monolith to microservice, ideal situation would be that we end up with

ms1 -> www.domain.com/orders/
ms2 -> www.domain.com/tickets/

Since microservices do not usually correlate with resources this could get messy, for example one microservice could serve more then one resource, or on resource could be served by more then one microservice.

fe.
www.domain.com/tickets/ (ms1)
www.domain.com/tickets/reports (ms2)

or
www.domain.com/tickets (ms1)
www.domain.com/orders (ms1)

What would be solution for this?

• Use IIS rewrite to match resource with microservice fe. GET www.domain.com/tickets/5 via iis rewrite to call -> ticketsms.domain.com/tickets/5
• Use API gateway to route request to proper microservice endpoint fe. GET www.domain.com/tickets/5 via API gateway to call -> ticketsms.domain.com/tickets/5

So basically the primary goal is to have full rest api apear like

GET www.domain.com/tickets/5
GET www.domain.com/orders/5
POST www.domain.com/orders/
GET www.domain.com/invoices/100

etc

So are iis rewrite and api gateway are the only two options here? Should microservices be exposed directly to the clients, or should they go trought API gateway. Is API gateway overkill in this scenario?

Answer 1

The API gateway definitely adds value - what you split is your implementation into smaller units (the microservices) - it allows you to manage, monitor and govern the API interfaces centrally as a single unit, separately from the implementation(s).

Exposing individual microservice endpoints might not be easy to manage - for instance, you would need to apply access control policies separately to each.