// the find
ExpressGateway/express-gateway
A microservices API Gateway built on top of Express.js
Express Gateway is a Node.js API gateway built as Express middleware, handling auth (basic, JWT, OAuth2, API key), rate limiting, proxying, and request/response transformation via a YAML config. It targets teams already running Node who want a gateway without introducing a separate runtime. The project has an official deprecation notice in the README — it is no longer maintained.
If you already know Express, the policy pipeline model maps directly to how Express middleware chains work — no new mental model required. The built-in OAuth2 server (authorization code, implicit, client credentials, password flows) is rare in self-hosted gateways; most require you to wire an external IdP. The YAML config with hot reload and a REST admin API is genuinely useful operationally. Test coverage is broad across both unit and e2e levels, which is better than most gateway projects of this era.
Dead project — deprecated in 2020, last meaningful activity is years old. Do not adopt this for anything new; you will own any CVEs yourself. Redis is the only supported data store for the distributed state, so no easy swap. There is no WebSocket or gRPC proxying support, which rules it out for anything beyond plain HTTP. Performance headroom is limited because every request runs through the full Express middleware stack, including per-request policy parsing — you will feel this before Kong or Envoy would.