Gateway¶
Responsibility¶
External entrypoint and policy enforcement boundary for inbound traffic.
Inbound Authentication¶
- JWT/API key verification
- route-level required scopes
Outbound Authentication¶
- Forwards validated identity context to backend services.
Flow policies (YAML)¶
Declarative policies loaded from POLICY_DIR (default /app/flows/policies): required headers, OAuth introspection, product rate limits, transform specs. Applied on edge routes (/v1/api, /v1/webhooks). Full reference: Gateway flow policies.
Key Config¶
- Gateway route/policy configuration
- upstream service targets
Health¶
GET /healthzGET /readyz