From d0a05cd63c70056e2666538845cb8d48b1c4e6ea Mon Sep 17 00:00:00 2001
From: Alessandro CERIONI <acerioni@grandlyon.com>
Date: Tue, 3 Mar 2020 17:50:50 +0100
Subject: [PATCH] Update api-gateway.md

---
 .../off-the-shelf-apps/api-gateway.md         | 28 +++++++++++++++++--
 1 file changed, 25 insertions(+), 3 deletions(-)

diff --git a/docs/components/off-the-shelf-apps/api-gateway.md b/docs/components/off-the-shelf-apps/api-gateway.md
index cb6977b..2fe1e2f 100644
--- a/docs/components/off-the-shelf-apps/api-gateway.md
+++ b/docs/components/off-the-shelf-apps/api-gateway.md
@@ -1,6 +1,28 @@
 # API Gateway
 
-### TODO
+## Why Kong ?
 
-* Explain the reasons why Kong was chosen
-* Explain which features are used, in particular the AUTHN layer
+* it is Open Source
+* based on Nginx, a widely known Web Server / Reverse Proxy
+* it can be administrated via a dedicated admin REST API
+* it can be deployed in a High Availability fashion
+* it can be extended by various plugins; a Plugin Development Kit is provided
+* it provides several interesting features: load balancing (with active and passive healthcheck), 
+
+## Features
+
+* Load balancer with active healthchecks
+* Plugins : 
+    * jwt
+    * cors
+    * bot-detection (never tested!)
+    * prometheus
+    * key-auth, in order to let (micro-)services authenticate themselves with respect to other (micro-)services
+    * request-transformer, in order to issue authenticated requests towards Matomo
+    * acl, in order to:
+        - let (micro-)service use some potentially dangerous features exposed by other (micro-)services
+        - let the back-office team preview draft posts and access the Admin GUI
+
+## Setup
+
+A Python script allows the administrator to set up the proper configuration, according to the various environments.
-- 
GitLab