Skip to content
Farid Gurbanov

APIs & gateways

An API platform lives or dies on adoption. The hard part isn't standing up a gateway — it's making one that twenty teams choose to use because onboarding takes minutes, the security model is consistent, and nobody has to ask permission to ship.

What I do

  • Gateway strategy. Choosing and combining AWS API Gateway, Azure APIM, Kong and Apigee for a hybrid or multi-cloud posture — not picking one product and hoping.
  • Security governance. OAuth2/OIDC flows, mTLS, key rotation, and a single auth model (Okta, Auth0, Entra ID) instead of one per team.
  • Lifecycle and developer experience. Versioning, deprecation, discovery, rate-limiting and quota — with self-service onboarding driven by infrastructure-as-code so the platform scales without a gatekeeper.

Evidenced by

  • Cloud Gateway — a federated AWS + Azure API platform serving 18–20 teams, with Terraform-driven onboarding that cut lead time from days to minutes and saved ~€250–300k a year.

Background: hands-on across all four major gateways; AWS Security – Specialty.

All expertise