API Gateway Configuration
This document details the API Gateway configurations used across AngelCX services. Our architecture uses API Gateway as the primary entry point for all HTTP requests, implementing a simplified Lambda proxy integration pattern.
Overview
API Gateway serves as the front door for all application APIs in the AngelCX platform, handling requests for:
- Admin API
- AI Engine API
- Post Session Service
- Bot UI interactions
Architecture
graph LR
A[Client] --> B[API Gateway]
B -->|Lambda Proxy| C[Lambda Function]
C --> D[Business Logic]
D --> E[(RDS)]
Integration Pattern
Lambda Proxy Integration
We utilize a simplified API Gateway configuration with a single ANY method that proxies all requests to their respective Lambda functions:
-
Single Endpoint Configuration
- Method:
ANY /* - Integration Type: Lambda Proxy
- This catches all HTTP methods (GET, POST, PUT, DELETE, etc.)
- All paths are automatically forwarded to Lambda
- Method:
-
Request Handling
- Full request details are passed to Lambda
- Including headers, query strings, path parameters
- Lambda receives the complete API Gateway event object
-
Response Handling
- Lambda functions must return properly formatted responses
- API Gateway passes Lambda responses directly to clients
- No response transformation at Gateway level
Environment-Specific Configurations
Development Environment
- Base URL:
https://api-dev.angelcx.ai - Resource naming:
angel-saas-{service-name}-dev
Production Environment
- Base URL:
https://api.angelcx.ai - Resource naming:
angel-saas-{service-name}-prod
Planned Security
Our API Gateway implementations would include several security measures:
-
WAF Integration
- Protection against common web exploits
- Rate limiting
- IP-based restrictions
-
Authentication
- Admin APIs require Cognito JWT tokens
- Public endpoints (Bot UI) use API keys
- Authorization handled at Lambda level
-
CORS
- Configured for web client access
- Restricted to specific origins