This page explains the differences between Endpoints Frameworks for the App Engine standard environment and the Extensible Service Proxy (ESP), which is used in Cloud Endpoints for APIs using OpenAPI or gRPC. For more information about the Endpoints options, see Choosing an Endpoints option.
Cloud Endpoints is an API management system that helps you secure, monitor, analyze, and set quotas on your APIs using the same infrastructure Google uses for its own APIs. API management features includes authentication, API keys, monitoring, logging, and tracing independent of the technology used to implement the API. API management functionality is provided through ESP or by using the Endpoints Frameworks.
Extensible Service Proxy
In Endpoints for OpenAPI and gRPC, API requests are relayed through the Extensible Service Proxy, which validates keys and authentication tokens and sends signals (metrics and logs) by using the Service Control API. The separation provided by ESP means that you can write the REST or gRPC backend code in any language, and you can use gRPC or any framework that supports API description using OpenAPI.
APIs using OpenAPI: The API backend can run on the App Engine flexible environment, Google Kubernetes Engine (GKE), Compute Engine, Kubernetes, or on-premises deployments.
APIs using gRPC: The API backend can run on GKE, Compute Engine, Kubernetes, or on-premises deployments.
A request is sent on the following path:
- A request to your code is received and is sent to ESP.
- ESP sends a check request to Service Control.
- If you configured your API to require an API key or authentication, Service Control checks to see if the request is permitted and sends a response back to ESP.
- If the request isn't permitted, ESP rejects the request. If the request is permitted, it is forwarded to your backend code. Either way, ESP logs information about the request.
Pricing of Endpoints API management depends on the number of calls per month.
For API backends running on the App Engine standard environment, Endpoints Frameworks is available to help developers quickly get started serving an API. Endpoints Frameworks is a web framework and is an alternative to Python Flask or Java Jersey. Endpoints Frameworks integrates with the Service Control API, meaning a backend that uses Endpoints Frameworks doesn't need to run behind the Extensible Service Proxy.
If you have enabled API Management, a request is sent on the following path:
- A request to your code is received and is sent to the Endpoints Management module within Endpoints Frameworks.
- The Endpoints Management module sends a check request to Service Control.
- If you configured your API to require an API key or authentication, Service Control checks to see if the request is permitted and sends a response back to the Endpoints Management module.
- If the request isn't permitted, the Endpoints Management module rejects the request. If the request is permitted, it is forwarded to Endpoints Frameworks. Either way, the Endpoints Management module logs information about the request.
- Endpoints Frameworks routes the request to your backend code.
You can use Endpoints Frameworks with or without API management functionality. Use of Endpoints Frameworks without API management functionality is offered at no charge. API management functionality is charged according to the Endpoints pricing page.
Endpoints Frameworks is supported only for services running on the App Engine standard environment. On Compute Engine, GKE, App Engine flexible environment, or other environments, your services must run behind ESP.
If the service is running behind ESP, you can write the backend code in any language and framework, such as Python Flask, Java Jersey, or Node.js Express. In such environments, there is no need to use Endpoints Frameworks for API management.