Advanced Interview #api-gateway #rate-limiting #kong #interview-prep

API Gateway Engineer Interview Questions

5 exercises — covering rate limiting algorithms, gateway authentication patterns, request transformation, traffic management strategies, and gateway selection.

Structure for API Gateway Engineer answers
  • Rate limiting: algorithm choice matters — token bucket (burst friendly) vs sliding window (smooth) vs leaky bucket (strict)
  • Auth at gateway: validate tokens at the edge, not in every service — but do not move business logic to the gateway
  • Request transformation: header injection, path rewriting, body transformation — each has a performance cost
  • Gateway selection: Kong (plugin ecosystem, open source) vs Apigee (analytics, GCP-native) vs AWS API GW (Lambda integration)
0 / 5 completed
1 / 5
The interviewer asks: "Explain the differences between token bucket, leaky bucket, and sliding window rate limiting algorithms. When do you use each?"
Which answer is most precise?