Considering features such as:<p><pre><code> * throttling
* rate limiting
* authentication and authorization
* API usage analytics
</code></pre>
What are the experience of the collective HN crowd regarding the plethora of paid and open source tools out there? What are the pitfalls to look out for, and with which one(s) were the best experiences had?
I am curious as to what tools your team has considered so far, where they partially met the requirements, where they fell short because context will provide relevant answers.<p>To put it another way, for Google the answer to the tooling question is form an inhouse team, include one of the fellows who wrote C to develop a performant garbage collected language, and then throw some of those quarter million dollar a year plus engineers at writing whatever tools you want. At the other end, some entrepreneurial idea person tells the contract PHP programmer to make it happen next week. In the middle is someone who hires a consultant and another person who combines Legos on AWS themselves.<p>Which is a round-about way of getting to the critical idea: the good solutions for your company must fall into a very narrow range of technical <i>and</i> business criteria.<p>Good luck.
Previous discussion related to Kong [open source product from Mashape]: <a href="https://news.ycombinator.com/item?id=9451947" rel="nofollow">https://news.ycombinator.com/item?id=9451947</a>
I'm not aware of a solution that does all this, but for analytics , I have tried Keen.IO [0] which was nice.<p>[0] : <a href="https://keen.io/" rel="nofollow">https://keen.io/</a>