api-gateway-configuration
Configures API gateways for routing, authentication, rate limiting, and request transformation in microservice architectures. Use when setting up Kong, Nginx, AWS API Gateway, or Traefik for centralized API management.
git clone --depth 1 https://github.com/secondsky/claude-skills /tmp/api-gateway-configuration && cp -r /tmp/api-gateway-configuration/plugins/api-gateway-configuration/skills/api-gateway-configuration ~/.claude/skills/api-gateway-configurationSKILL.md
# API Gateway Configuration
Design and configure API gateways for microservice architectures.
## Gateway Responsibilities
- Request routing and load balancing
- Authentication and authorization
- Rate limiting and throttling
- Request/response transformation
- Logging and monitoring
- SSL termination
## Kong Configuration (YAML)
```yaml
_format_version: "3.0"
services:
- name: user-service
url: http://user-service:3000
routes:
- name: user-routes
paths: ["/api/users"]
plugins:
- name: rate-limiting
config:
minute: 100
policy: local
- name: jwt
- name: order-service
url: http://order-service:3000
routes:
- name: order-routes
paths: ["/api/orders"]
```
## Nginx Configuration
```nginx
upstream backend {
server backend1:3000 weight=5;
server backend2:3000 weight=5;
keepalive 32;
}
server {
listen 443 ssl;
location /api/ {
proxy_pass http://backend;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_cache_valid 200 1m;
}
location /health {
return 200 'OK';
}
}
```
## AWS API Gateway (SAM)
```yaml
Resources:
ApiGateway:
Type: AWS::Serverless::Api
Properties:
StageName: prod
Auth:
DefaultAuthorizer: JWTAuthorizer
Authorizers:
JWTAuthorizer:
JwtConfiguration:
issuer: !Sub "https://cognito-idp.${AWS::Region}.amazonaws.com/${UserPoolId}"
```
## Best Practices
- Authenticate at gateway level
- Implement global rate limiting
- Enable request logging
- Use health checks for backends
- Apply response caching strategically
- Never expose backend details in errors
- Enforce HTTPS in productionRole-based access control (RBAC) with permissions and policies. Use for admin dashboards, enterprise access, multi-tenant apps, fine-grained authorization, or encountering permission hierarchies, role inheritance, policy conflicts.
100+ animated React components (Aceternity UI) for Next.js with Tailwind. Use for hero sections, parallax, 3D effects, or encountering animation, shadcn CLI integration errors.
shadcn/ui AI chat components for conversational interfaces. Use for streaming chat, tool/function displays, reasoning visualization, or encountering Next.js App Router setup, Tailwind v4 integration, AI SDK v5 migration errors.
Vercel AI SDK v5 for backend AI (text generation, structured output, tools, agents). Multi-provider. Use for server-side AI or encountering AI_APICallError, AI_NoObjectGeneratedError, streaming failures.
Vercel AI SDK v5 React hooks (useChat, useCompletion, useObject) for AI chat interfaces. Use for React/Next.js AI apps or encountering parse stream errors, no response, streaming issues.
Secure API authentication with JWT, OAuth 2.0, API keys. Use for authentication systems, third-party integrations, service-to-service communication, or encountering token management, security headers, auth flow errors.
Creates comprehensive API changelogs documenting breaking changes, deprecations, and migration strategies for API consumers. Use when managing API versions, communicating breaking changes, or creating upgrade guides.
Verifies API contracts between services using consumer-driven contracts, schema validation, and tools like Pact. Use when testing microservices communication, preventing breaking changes, or validating OpenAPI specifications.