Key Concepts Overview
API7 Enterprise uses a structured set of abstractions to manage API traffic, security, and lifecycle. This section introduces these core concepts and explains how they relate to each other in a production environment.
Entity relationships
In API7 Gateway, configurations follow a versioned and published workflow. Instead of immediate updates to the data plane, changes are managed through templates and versions, then published to specific gateway groups.
The following diagram illustrates the relationship between these core entities:
Core abstractions
The table below summarizes the fundamental concepts in API7 Gateway.
| Concept | Description |
|---|---|
| Services and Routes | Grouping of URI-based matching rules (Routes) sharing common backend and plugin configurations (Services). |
| Upstreams and Load Balancing | Definitions of backend targets, including load balancing algorithms and health checks. |
| Consumers and Credentials | Identity representing an API caller and their associated authentication tokens. |
| Plugins | Modular components that intercept and modify the request/response flow for security, traffic control, and observability. |
| SSL Certificates | TLS assets used to terminate HTTPS traffic and secure client or upstream connections. |
| Gateway Groups | Logical deployment targets that isolate configuration across environments, regions, or teams. |
| Service Discovery | Dynamic upstream endpoint discovery through systems such as Kubernetes, Consul, and Nacos. |
| Stream Routes | Routing rules for TCP and UDP traffic handled by the gateway's stream proxy. |
Next steps
Deep dive into each concept to understand how to design and manage your API infrastructure: