How Tinder built its API Gateway
The Tinder API Gateway (TAG) is a custom-built system that manages all of Tinder's public APIs while enforcing strict security and authorization protocols. It integrates deeply with Tinder's cloud infrastructure, allowing it to scale efficiently without external dependencies. One of its standout features is Route As Configuration (RAC), which enables developers to push updates to production more quickly by easily configuring external routes, streamlining the release process for services like Recommendations, Match, and Revenue APIs.
Tinder operates over 500 microservices within a service mesh, all of which interact through TAG. Given Tinder's global reach in 190 countries, TAG is crucial in scanning for vulnerabilities and protecting against potential security threats, especially from bad actors attempting to exploit the gateway to access sensitive information.
Why Tinder wanted a custom API Gateway
Before developing TAG, Tinder used several API Gateway solutions across various application teams. Each team relied on a different third-party API Gateway, which made management difficult. Since these gateways were built on different tech stacks, sharing reusable components between different gateways was challenging, leading to delays in getting code into production. Another issue was the inconsistent use of session management across their APIs, mainly because the API Gateways weren’t centralized.
Then Tinder wanted to address those key concerns by finding a solution that could:
They also wanted full control over the framework’s development and support to build the gateway exactly as needed. These goals drove the creation of TAG.
Inside of TAG
TAG is a JVM-based framework built on top of Spring Cloud Gateway. It allows application teams at Tinder to easily create their own API Gateway instances simply by writing configurations. TAG centralizes all external-facing APIs and enforces strict authorization and security rules. It extends components like the gateway and global filters of Spring Cloud Gateway to offer pre-built, reusable filters.
These filters can be used for various purposes, such as:
TAG was designed with developers in mind, supporting configuration-driven development to make their work easier. It improves development speed, simplifies route and service setup using YAML or JSON configurations specific to each environment, and allows for component reuse by sharing filters across different application routes. TAG leverages key components of Spring Cloud Gateway to build a custom framework that developers at Tinder can use effectively.
领英推荐
TAG features several core components:
Here is how TAG Builds Routes at Startup:
Spring Cloud Gateway enables TAG to pre-configure all routes and filters, ensuring smooth execution at runtime. This design prevents any configuration processing delay during runtime, allowing TAG to scale easily and handle high traffic efficiently.
A practical example of TAG workflow
When a request is processed using TAG, it follows these steps:
References