Large Files & APIs | Façade Approach

In today’s digitally connected world, API functionalities and file transfers are crucial components of modern digital systems, enabling the creation of connected and data-driven digital ecosystems. By implementing the right approach, this combination of APIs and file transfer have the potential to unlock new business opportunities for innovation and growth. However, the combination of those two elements can pose technical challenges. Find out how you can address this challenge by using a façade.

Combining API functionalities with file transfer can be a technically complex task. It can lead to a situation where neither the Managed File Transfer (MFT) solution nor the gateway solution is fully equipped to meet all the technical requirements for the integration.

This situation can arise when the files that need to be transmitted are relatively large, which may potentially lead to performance issues on your API gateway. Additionally, if you have API logic that cannot be easily handled in an MFT solution, the challenge grows.

In this scenario, a technical solution that can integrate MFT and gateway functionalities while correlating activity across the two, is required. Keep in mind that the solution must take security considerations into account that may not be part of the usual setup.

Using a façade is one possible solution to this challenge. By creating a façade, the complexity of the integration process is shifted from the provider systems to a separate component which can simplify the overall process.

In the scheme below, a new component – the façade – is positioned in front of the API gateway and MFT solution. This added component must implement a technology that suits both the API functionality and the file exchange to secure smooth and secure data transmission.

Because the façade is responsible for orchestrating the MFT and API components, there is no need to separately verify that the files belong to the user calling the gateway; this verification is guaranteed by the façade itself.

Depending on the security protocol used to secure the façade, the façade can access the gateway in a standard manner and retrieve user information to correctly call the MFT solution at the same time.

Because the façade serves as an ingress point, it requires careful attention to security. This entails not only setting up the necessary networking and infrastructure securely, but also the re-implementation of policies on the API gateway and MFT solution.

Even with a successful implementation, the use of a façade increases the attack surface for hackers. As a result, the simplified security mechanism for validating the API-MFT cohesiveness needs to be weighed against this potential security risk.

File transfer mechanisms that support the same security protocols as your API offer a clear advantage. No special user management or provisioning system is needed to fully support the authentication and authorization needs of the platform.

The following mechanisms are HTTP-based, and can therefore support OIDC, OAuth2 and other common API security protocols: