This is the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

Gravitee

Gravitee acts as a universal governance layer on top of other third-party API Gateways. You can auto-discover third-party Gateway APIs, control API subscriptions, and publish APIs in a universal API Developer Portal.

Features

Core API Management

API proxy between clients and backends
Synchronous API support
Asynchronous API support
API lifecycle management
API versioning
API documentation
Centralized API catalog
API search and discovery
API import/export
v2 and v4 API definitions
Federated APIs

Gateway

Request/response processing
Policy enforcement at request and response phases
Traffic transformation
Traffic securing
Traffic monitoring
Reverse proxy capabilities
Bridge Gateway for hybrid deployments
Sharding tags for Gateway deployment control

Protocol Support

REST APIs
SOAP APIs
WebSocket
gRPC
HTTP/HTTPS
Server-Sent Events (SSE)
Webhooks
Native Kafka protocol
MQTT 5.x
AMQP 0-9-1 (RabbitMQ)
Agent-to-Agent (A2A) protocol
Model Context Protocol (MCP)

Event Broker Integrations

Apache Kafka
Confluent (including Schema Registry)
Solace
HiveMQ
Mosquitto
RabbitMQ
Azure Service Bus
MQTT 5.x brokers

Authentication & Security Plans

Keyless (public) plans
API Key authentication
OAuth 2.0 token introspection
JWT (JSON Web Token) authentication
mTLS (mutual TLS/client certificates)
Push plans for async APIs
Dynamic Client Registration (DCR)

Identity Provider Integrations

Gravitee Access Management
Keycloak
Generic OAuth2 authorization servers
LDAP authentication
HTTP authentication provider
Inline authentication (bring your own users)
OpenID Connect SSO (Enterprise)

Policies

Traffic transformation policies
Security policies
Rate limiting
Caching
Request/response header manipulation
Script execution
HTTP callout policies
TLS enforcement
Assign Metrics (Enterprise)
Cloud Events transformation (Enterprise)
Data Cache (Enterprise)
Data Logging Masking (Enterprise)
GeoIP Filtering (Enterprise)
WS Security Authentication (Enterprise)
XSLT transformation (Enterprise)

Kafka-Specific Policies (Enterprise)

Kafka ACL
Kafka Offloading
Kafka Quota
Kafka Topic Mapping
Kafka Transform Key

Data Transformation Policies (Enterprise)

AVRO to JSON
AVRO to Protobuf
Protobuf to JSON

Applications & Subscriptions

Application registration
Client ID management
OAuth integration for dynamic credentials
Subscription management
Subscription validation workflows
Automatic subscription approval
Subscription transfer
Credential generation

Developer Portal

API discovery and exploration
Interactive API testing
Subscription management
Application management
Usage analytics dashboard
API logs access
Full customization (branding, logos, colors, fonts, layout)
White labeling support
Classic Developer Portal (stable)
New Developer Portal (modern UX, Tech Preview)

Management Console

Web-based UI for API producers
API publishing
Global platform settings
Portal settings configuration
User management
Role management
Custom roles (Enterprise)
Audit trail (Enterprise)

Management API

RESTful API for programmatic management
Management component for core functionality
Portal component for Developer Portal operations
v2 subcomponent for v4 and Federated APIs

Observability & Analytics

Real-time metrics
API analytics dashboards
API logs
Access logging
Request/response logging
OpenTelemetry support
Debug mode (Enterprise)

Reporters

Elasticsearch reporter
File reporter
Datadog reporter (Enterprise)
TCP reporter (Enterprise)
Cloud reporter (Enterprise)

APM Integrations

Splunk
Datadog
Dynatrace

Caching

Redis cache resource
In-memory cache
Cache policy

Service Discovery

HashiCorp Consul integration
Dynamic backend endpoint binding

Documentation Fetchers

Bitbucket
Git
GitHub
GitLab
HTTP

Secret Management

Kubernetes secret provider
HashiCorp Vault (Enterprise)
AWS Secret Manager (Enterprise)
Sensitive data management
TLS certificate management

Agent Mesh (AI Capabilities)

Agent Gateway
A2A (Agent-to-Agent) Proxy
LLM Proxy
Agent Catalog
Agent Tool Server
MCP Server support
AI agent discovery and governance
Token-based rate limiting for LLMs
Prompt Guard Rails
AI agent analytics and cost optimization

Kafka Gateway

Native Kafka protocol support
Kafka topic exposure as APIs
Topic access control
mTLS for Kafka clients
Virtual topics and partitions
Self-service topic subscriptions
Kafka topic documentation

Governance

Federation
API Score
Integrations discovery
Federated APIs
Federation Agent Service Account
Rulesets and Functions
API quality metrics

Enterprise Features

Audit Trail
Bridge Gateway
Custom roles
Dynamic Client Registration (DCR)
Debug mode
Enterprise OpenID Connect SSO
Sharding tags
Alert Engine
API Designer (drag-and-drop)

Alert Engine (Enterprise)

API platform monitoring
Flexible alerting configurations
Email notifications
Slack notifications
Webhook notifications
Pre-configured upstream conditions

Gravitee Cloud

Multi-environment management
Multi-organization management
Environment hierarchies
API promotion across environments
Centralized control plane

Deployment Options

Self-hosted (on-premises/private cloud)
Gravitee-managed (SaaS)
Hybrid deployment
Multi-tenancy support

Deployment Methods

Docker (Compose and CLI)
Kubernetes (vanilla, EKS, AKS, GKE, OpenShift)
RPM packages
ZIP packages
Linux and Windows support

Infrastructure as Code

Terraform provider (Tech Preview)
Gravitee Kubernetes Operator (GKO)
GitOps support
API versioning and automation

Repositories

MongoDB
Redis
Elasticsearch
Bridge HTTP (for hybrid)

Extensibility

Plugin system
Custom policy development
Custom reporter development
Connector plugins
Fetcher plugins
Identity provider plugins
Notifier plugins
Resource plugins
Secret provider plugins
Service plugins

High Availability & Scalability

Horizontal scaling
Rate limit synchronization (Redis)
Distributed caching
Load balancing support
Failover capabilities
Health checks

Response Templates

Custom error responses
Response customization

CORS Configuration

Cross-Origin Resource Sharing support

Quality of Service

QoS configuration for async APIs

Version History

API version tracking
Audit logs per API

MCP Server Exposure

Expose APIM as MCP Server
AI assistant integration
Natural language API management

Use Cases

API Gateway & Proxy

Centralized API entry point for all services
Request/response transformation
Traffic routing and load balancing
Protocol mediation between clients and backends
Reverse proxy for backend services
API aggregation from multiple sources

API Security

Centralized authentication and authorization
API key management and validation
OAuth 2.0 token validation
JWT verification and enforcement
mTLS (mutual TLS) for client certificate authentication
Rate limiting and throttle protection
DDoS mitigation through traffic policies
IP-based access control and GeoIP filtering
Data masking for sensitive information

API Lifecycle Management

API design and documentation
API versioning and deprecation
API publishing and retirement
Environment promotion (dev → staging → production)
API governance and compliance
Quality scoring and standards enforcement

Developer Experience

Self-service API discovery portal
Interactive API documentation and testing
Application registration and management
Subscription workflows
API key and credential provisioning
Usage analytics and monitoring

Event-Driven Architecture

Kafka topic exposure as managed APIs
MQTT broker integration
RabbitMQ message routing
Solace event API management
Azure Service Bus integration
Real-time event streaming
Webhook management
Server-Sent Events (SSE) support

Kafka Gateway

Native Kafka protocol proxying
Kafka topic access control
Multi-tenant Kafka environments
Kafka client authentication (mTLS, API keys)
Topic-level rate limiting and quotas
Kafka topic discovery and documentation
Self-service topic subscriptions

AI & Agent Mesh

LLM proxy and governance
AI agent communication management (A2A protocol)
Model Context Protocol (MCP) server exposure
AI agent discovery and cataloging
Token-based rate limiting for LLMs
Prompt guard rails and content filtering
AI cost optimization and analytics
Centralized AI credential management

Microservices Architecture

Service-to-service communication management
API gateway for microservices
Service discovery integration (Consul)
Traffic splitting and canary releases
Circuit breaking and failover
Health checking and monitoring

Hybrid & Multi-Cloud Deployments

Unified API management across environments
Data residency and compliance
Reduced latency with local gateways
Centralized control with distributed data planes
Multi-region API deployment
Cloud-agnostic API management

Enterprise Integration

Legacy system modernization
SOAP to REST transformation
Protocol bridging (HTTP to Kafka, etc.)
Backend service abstraction
Third-party API aggregation
B2B API exposure

IoT & Edge Computing

Device API management
MQTT protocol support for IoT
Edge gateway deployments
Low-latency local processing
Device authentication and authorization

Partner & Third-Party API Programs

External API monetization
Partner onboarding workflows
Tiered access plans
Usage-based billing support
API consumption analytics
Developer community management

Internal API Governance

Shadow IT prevention
API standardization
Centralized API catalog
API reuse and discovery
Compliance enforcement
Audit trail and logging

Real-Time Applications

WebSocket API management
Server-Sent Events (SSE) support
Streaming data APIs
Low-latency communication
Bidirectional communication support

Analytics & Monitoring

API usage analytics
Performance monitoring
Error tracking and debugging
Custom metrics and dashboards
Integration with APM tools (Datadog, Splunk, Dynatrace)
OpenTelemetry observability

Security & Compliance

PCI-DSS compliance support
GDPR data handling
Audit logging and trail
Access control enforcement
Sensitive data masking
Certificate management

API Monetization

Usage tracking per consumer
Tiered subscription plans
Rate limiting by plan tier
Analytics for billing
Developer application management

DevOps & CI/CD Integration

Infrastructure as Code (Terraform)
Kubernetes-native deployment (GKO)
GitOps workflows
Automated API deployment
Environment configuration management
Version control for API definitions

Federation & Multi-Gateway

Federated API management
Third-party gateway integration
Distributed API governance
Centralized policy management
Cross-organization API sharing

Testing & Development

API mocking and simulation
Debug mode for policy testing
Interactive API testing
Sandbox environments
API Designer for rapid prototyping

Custom Backend Integrations

Salesforce integration
CRM system connections
ERP system APIs
Database API exposure
Custom protocol support
Serverless function integration (via HTTP)