Skip to content

Gateway

Responsibility

External entrypoint and policy enforcement boundary for inbound traffic.

Inbound Authentication

  • JWT/API key verification
  • route-level required scopes

Outbound Authentication

  • Forwards validated identity context to backend services.

Flow policies (YAML)

Declarative policies loaded from POLICY_DIR (default /app/flows/policies): required headers, OAuth introspection, product rate limits, transform specs. Applied on edge routes (/v1/api, /v1/webhooks). Full reference: Gateway flow policies.

Key Config

  • Gateway route/policy configuration
  • upstream service targets

Health

  • GET /healthz
  • GET /readyz