Smart Proxy
The smart proxy adding mTLS, retries, cache in front of a third-party service.
Problem
A partner EDI exposes a capricious API — 100 req/s limit, no cache, no observability. How to use it reliably from a modern system?
Forces
- You cannot modify the partner — it is imposed.
- The functional contract must be respected.
- Cross-cutting features (retries, cache, traces) must not pollute business code.
- The proxy must be transparent — client calls as if nothing.
Solution
Deploy a Smart Proxy (typically Envoy, NGINX+, Kong, AWS API Gateway) in front of the partner service. The proxy adds: circuit breaker, client-side rate limiting, caching with TTL, mTLS upgrade, OpenTelemetry traces, retries with backoff. Client calls the proxy as if calling the partner — transparent.
EDI implementation
In EDI, Smart Proxy is crucial for: (1) AS2 partners with short-lived certificates — proxy handles rollover, (2) customs APIs (NCTS, ICS 2) — aggressive caching on static codes, (3) PEPPOL discovery (SMP lookups) — 1h caching. Implementation: Envoy sidecar with custom filters, or Kong with Lua plugins.
Anti-patterns
- Proxy altering business semantics — must remain transparent.
- Cache too aggressive — stale data sent downstream.
- No proxy monitoring — becomes a black hole.
Related patterns
- Circuit Breaker — proxy feature.
- Wire Tap — observation enabled by proxy.
Sources
- Hohpe G., Woolf B. — EIP, Smart Proxy (p. 558). www.enterpriseintegrationpatterns.com/patterns/messaging/SmartProxy.html
- Envoy Proxy — Documentation. www.envoyproxy.io/docs