express-gateway | A microservices API Gateway built on top of Expressjs | REST library

I've been trying to do a NodeJS Microservices Architecture using Docker.

I currently have 2 services : Auth API et Users CRUD API. Now my goal is to setup a Gateway using Express-Gateway.

I followed many tutorials on the web to try to set it up but whenever I try to make a request to the gateway (acting like a proxy) it sends a 502 bad gateway response..

response error in PostMan

error in express-gateway logs

My docker-compose.yml :

I'm using Express Gateway to proxy my microservices. I'm hitting the gateway from my react app with Axios. However, the call gets restricted by the CORS Policy. I have enabled CORS in the express gateway and also on my authentication service. I followed the official documentation to enable the CORS from this link for Express Gateway and this link for authentication service(Express App). Here is how I have the code.

Express Gateway config.yml

Im trying to configure api-gateway for my micro service study. I created a pod as a auth-depl and auth-src service for this pod. Also I have another pod&service as links-depl and links-serv. And I want to make a api-gateway for. these services.

The output for "kubeectl get pods":

I'm trying to modify a graphql query variable using express-gateway.

The code on the gateway is as below,

I have currently configured express-gateway to communicate with a service on my backend exposed on a unique port on my machine and it's working fine. The gateway serves as a proxy to the services and currently does some security checks and jwt authentication. Then, only authorized request (through jwt validation) gets sent to services as configured. However, I'm concerned that if I don't put some sort of authentication on my service, then anyone who knows the port (or URL) my service runs on can directly access it and bypass the gateway directly. I'm looking for a way I can set up a sort of auth between the gateway and the service (maybe through keys) so that only the gateway can communicate with the services and not any other client. I currently can't find anything in the docs specifically for that. Also, if there's something wrong with my architecture, I'd appreciate it if you could point it out. Thank you.

I am using a Redis DB to use an Express-Gateway on Heroku. I would like to know how to set Redis credentials as a unique URL-param, instead of using separated vars.

Right now, Express Gateway reads credentials from the file system.config.yml, where credentials structure is

I'm creating an express JS microservices architecture and I'm using express-gateway as an API gateway.

I can expose my services and endpoints through the express gateway , one of the services (Books) has 2 roles (admin, user) with 2 different login startegies (the admin uses JWT and the user uses Firebase auth).

I succeeded in security the admin endpoint /v1/admin with the JWT provided with express-gateway, now I want to create a policy / plugin (I didn't understand the difference) to involve my CheckIfAuthenticatedFirebase Middleware to secure my user endpoint /v1/user.

So I need some help to understand if I must create a plugin or a policy and the steps to do it.

Here is my gateway.config.yml :

I'm deploying a microservices nodejs express application to GKE, I successfully deployed the services (one as Ingress service with static IP @ and one as NodePort service which will not be exposed to Internet).

Now I'm trying to deploy the api gateway which is an express-gateway application, I deployed it in first time as a LoadBalancer service and it's working , here is my service code :

I have deployed my express-gateway on Heroku, using env variables in this way in the gateway.config.yml file: