Cloudflare today announced the Cloudflare API Gateway, providing businesses a simple, fast, and effective way to protect and control all of their APIs (application programming interfaces). Organizations are using APIs more than ever before, yet many of them struggle to secure this traffic as legacy solutions are often expensive, overly complex, and slow. Cloudflare API Gateway will simplify the process of identifying, securing, and managing APIs of any protocol on one of the world’s largest and most interconnected networks.
With Cloudflare API Gateway, businesses will be able to:
• Identify and stop API abuse: Leveraging Cloudflare’s unique Machine Learning engine that processes 32+ million requests per second, customers can now automatically analyze their API traffic to detect and prevent API abuses.
• Automatically detect unmanaged APIs: As API use grows, sometimes developers may publish APIs that security teams aren’t aware of. Cloudflare API Gateway passively scans the entire network and automatically lists API endpoints for complete visibility.
• Create and manage APIs directly with Cloudflare Workers: Customers will be able to use integrations with Cloudflare Workers to create lightweight, dynamic APIs that run at our edge.
• Offload authentication and authorization: The gateway will support industry protocols like OAuth 2.0, JSON Web Tokens (JWT) as well as leverage authentication methods available in Cloudflare Access such as Mutual TLS and service tokens.
• Seamlessly route, log, and measure API requests: Cloudflare’s existing products, like Transform Rules, will introduce native gateway functionality without adding latency, helping keep Cloudflare’s API Gateway as fast as possible.
Schema Validation, API Discovery, mTLS, and API Abuse detection are available today, with remaining features coming later this year.