What happens when you add an API gateway in front of a decade-old monolith serving thousands of partners? At Mews, we discovered our APIs were being used in ways we never imagined.

Our backend is (in)famously a monolithic application, and while this architecture served us well, it no longer scales for us. To improve our partner-facing API infrastructure, we decided to decouple authorization and rate limiting from the monolith by introducing an API gateway.

In this talk, I’ll share why this seemingly straightforward change became a significant challenge – from dealing with our non-standard API design patterns to discovering how our overly lenient backend stack had created hidden dependencies. You’ll learn about the technical hurdles we faced, how we resolved them, and what we are taking forward for the design of our future APIs.