3 points smrth | 2 comments | 18 May 25 06:18 UTC | HN request time: 0.445s | source

I've worked at a few startups including some prominent ones that offer API-driven products. We almost always built out authentication, authorization, rate-limiting, caching, etc. every time (or by stitching together a bunch of different packages).

Recently talked to a friend working at a more mature company that used AWS API Gateway to handle all of that business logic. Obviously AWS's setup time isn't known for being conducive to fast-moving teams, but why aren't things like Zuplo (https://zuplo.com/docs/articles/what-is-zuplo) or Unkey (https://www.unkey.com/docs/introduction) more commonly used?

(i.e. why do engineers choose to roll their own policies instead of using what seem like very robust solutions—it seems like a healthy separation of concerns...)

1. baobun ◴[18 May 25 06:51 UTC] No.44019500[source]▶

>>44019372 (OP) #

Avoiding vendor lock-in would be one.

↑

Ask HN: Why don't more startups use API gateways?