How Cashfree Payments Builds Its Next-Gen API Gateway

API7 Enterprise is a high-performance, enterprise-grade API gateway built on top of Apache APISIX. It provides secure, low-latency traffic management with features like rate limiting, authentication, transformations, and custom plugin support. With API7 Enterprise's scalable architecture and strong enterprise support, businesses can manage APIs more efficiently and cost-effectively.

--Ananth Shenoy, Platform Engineering Manager at Cashfree Payments

Overview

About Cashfree Payments

Cashfree Payments is a leading Indian fintech company offering full-stack payments and API banking solutions. Trusted by 800,000+ businesses, it enables seamless collections, instant payouts, and cross-border payments with 99.99% uptime. Backed by Krafton, SBI, PayPal, and Y Combinator, Cashfree is RBI-authorised and processes over USD 80 billion annually, making it one of the most scalable and reliable payment platforms in India.

Challenges

Before using API7 Enterprise, Cashfree encountered some challenges.

• Performance Limitations: Cashfree experienced increased latency during peak traffic, which degraded application performance and negatively impacted customer experience.

• Inadequate Timely Support: The lack of timely, expert support prolonged the resolution of critical production issues, increasing operational risk.

• Cost Inefficiency: The pricing model's steep cost scaling with traffic growth made it financially unsustainable for long-term expansion.

Results

• Reduced Overhead: Simplified management and faster configuration reduce engineering effort.

• Faster Troubleshooting: Dedicated support leads to quicker incident resolution.

• Increased Developer Productivity: Integrated features and custom plugins accelerate service development.

• Improved Cost Efficiency: The scalable pricing model aligns with traffic growth, avoiding the disproportionate cost increases seen with the previous gateway.

Background

Prior to implementing API7 Enterprise, Cashfree's payment platform was constrained by several critical challenges stemming from its previous API gateway solution. These limitations threatened to impede the company's growth and degrade its service quality:

• Performance Degradation Under Load: The infrastructure struggled with increased latency during high-traffic scenarios, directly impacting application performance and the end-customer experience.

• Insufficient Support Mechanisms: A lack of timely, expert support prolonged the resolution of production issues, increasing potential downtime and operational risk.

• Unsustainable Cost Structure: The existing pricing model scaled disadvantageously with traffic growth, creating financial pressure and making long-term expansion plans less viable.

These challenges necessitated a more robust, supportive, and cost-effective API management solution to ensure future scalability and reliability.

The Cashfree team had been actively exploring alternatives for about 3–6 months to address the challenges they faced with their previous API gateway. The team first came across API7 Enterprise through the open-source project Apache APISIX. Its similarity to the previous API gateway, along with their research into next-generation API management solutions, led them to explore it further as a strong fit for their needs.

Why Cashfree Adopted API7 Enterprise

Technical Selection

Following a comprehensive market analysis, the Cashfree engineering team undertook a rigorous evaluation of potential API management solutions. Their primary candidates included feature-rich commercial platforms like Tyk, the Kubernetes-native Ambassador (now Emissary-ingress), the high-performance NGINX, and several open-source options.

The assessment revealed a landscape of compromises:

• Tyk offered a strong feature set, but its licensing model proved prohibitively expensive at the required scale, negatively impacting the long-term ROI.

• Ambassador was an excellent fit for the Kubernetes environments but lacked robust support for services and use cases outside the K8s ecosystem, creating a potential operational silo.

• NGINX, while a proven performer for load balancing, would have required significant customization to function as a full API gateway, lacking critical out-of-the-box features like a developer portal, advanced rate limiting, and authentication management.

• Pure Open-Source solutions provided maximum flexibility and low initial cost but came with no service-level agreements (SLAs) or enterprise support, representing an unacceptable risk for the team's business-critical production infrastructure.

Why API7 Enterprise Was the Right Choice

Faced with these trade-offs, API7 Enterprise emerged as the superior choice by successfully addressing all the key concerns within Cashfree without compromise. The decision was driven by four critical factors.

1. Superior Performance & Scalability: API7 Enterprise is built on the foundation of Apache APISIX, guaranteeing exceptionally low latency and high throughput even during peak traffic loads. This was non-negotiable for maintaining service-level agreements (SLAs) and ensuring a seamless customer experience.

2. Sustainable and Transparent Pricing: Unlike models that become costly at scale, API7 Enterprise offered a predictable and rational pricing structure that aligns with its growth trajectory, ensuring long-term cost efficiency and budgetary control.

3. Robust Enterprise Support: API7.ai provides dedicated, timely, and expert technical support. This guarantees rapid resolution of production issues, significantly reducing mean time to resolution and mitigating operational risk.

4. Operational Excellence and Flexibility: The platform combines a user-friendly control plane with the powerful, extensible data plane of APISIX. This provides intuitive ease of management while also offering the flexibility to develop custom plugins for unique business logic, ensuring the platform can evolve with the team's needs.

Furthermore, the Cashfree team's existing familiarity and positive experience with the open-source project Apache APISIX ensured a shallow learning curve and allowed for a swift, successful implementation, delivering value faster than any alternative.

Why did Cashfree choose API7 Enterprise over Apache APISIX? Due to its strategic prioritization of the payments business, Cashfree cannot allocate extensive resources to open-source initiatives. API7 Enterprise addresses this by supplying essential support, expert guidance, and established best practices, ensuring operational stability and effective risk management.

How API7 Streamlined the Large-Scale API Migration for Cashfree

Within the architecture of Cashfree Payments, there were about 200 services, 3,000 routes, and 280,000 consumers. To migrate these many entities to the new system in less time, Cashfree needed prompt support and lesser turnaround on the queries they had.

During the migration, a significant challenge was porting over 20 custom plugins from the prior API gateway, each of which required rewriting logic for the API7 ecosystem. This process inherently demanded multiple development iterations.

1. Owing to its architectural similarity to Cashfree's prior gateway setup, API7 Enterprise significantly simplified the migration process and ongoing configuration.

2. Another factor was the hot-reloading feature of API7 Enterprise, which eliminated the need for full deployments with every code change.

According to Shubham, Software Engineer at Cashfree Payments, "API7 has hot reloading of custom plugins where we don't need to do the deployment every time when we make changes. This is a really awesome feature and saves a lot of time while testing."

3. Furthermore, the API7 support team contributed substantially to the project's success through their prompt and effective responses to queries. Their ability to provide quick resolutions was instrumental in ensuring the migration was completed ahead of schedule.

How Did Cashfree Use API7 Enterprise

Cashfree uses API7 Enterprise as its API gateway, serving as the entry point for all traffic flowing into Cashfree.

Key scenarios include:

• Traffic management with features like rate limiting and IP whitelisting.
• Security and access control through authentication and authorization.
• Request/response transformations to streamline integrations.
• Extensibility with custom plugins that address specific business and platform needs.

The API7 team provided expert review of all Cashfree's custom plugins, offering assurance that their implementations followed best practices and were correctly configured.

Specifically, Cashfree provides three major products:

1. PG - Payments processing/checkouts.
2. Payouts - Disbursal of payments.
3. VRS - Verification of customers for compliance and KYC (Know Your Customer).

All external traffic for these products is securely routed and authenticated through API7 Enterprise. This centralized layer enforces robust security policies, including IP whitelisting (for Payouts and VRS) and rate-limiting to ensure fair usage and protect against abuse.

API7 Enterprise is engineered for high scalability, effortlessly handling burst traffic events like merchant sales. During these peaks, it maintains minimal latency, reliably processing up to ~6,000 transactions per second (TPS).

How Does Cashfree Manage Entity Configuration with API7

API7 Enterprise operates with four primary resource types: Service, Route, Consumer, and Plugin. Plugins can be attached to any of these specific resources or applied globally.

For managing Service and Route configurations—along with their associated plugins—the Cashfree team employs the following Git-based workflow:

• A dedicated Bitbucket repository serves as the single source of truth for these entity configurations.
• Changes are made via pull requests to this repository and automatically synchronized with the API7 backend using the API7 ADC (API Declarative CLI) tool.

However, a different approach is required for managing Consumers. Given that the number of Consumer entities typically far exceeds the number of Services and Routes, storing them as static YAML files would be cumbersome and lead to significant repository bloat. To address this scalability challenge, Cashfree manages Consumer entities through a separate, dynamic method.

To manage consumers, the Cashfree team uses CDC (Change Data Capture) method and then a middleware service that consumes these changes and syncs to API7 Enterprise. There are multiple services having multiple users (consumers) and all the changes flow to a centralized service (apigatewaysvc) that directly communicates with API7 Enterprise. The system mainly utilizes key-auth, jwt-auth, ip-restriction and rate limiting plugins for consumers. These values are synchronized across the platform.

All respective products maintain the keys for their users in their respective database and table. Some services have IP restrictions as well. These changes are done by users through the common dashboard.

These changes are persisted to the database and then change logs are read by Maxwell and pushed to Kafka. This includes new key addition/deletion, new IP whitelisted/removed, new rate limit requested for sale/events etc.

Kafka messages are then consumed by apigatewaysvc and synced to API7 through admin API calls to api7-dashboard-svc.

For some services, Merchants raise a support ticket to increase rate limits which are fulfilled by SRE Engineer via the internal dashboard.

Achievements after Using API7 Enterprise

Compared with Cashfree's previous API gateway, the new API7 Enterprise solution delivers measurable enhancements across several key areas:

• Streamlined Migration and Management: Owing to its architectural similarity to Cashfree's prior gateway setup, API7 Enterprise significantly simplified the migration process and ongoing configuration. This familiarity reduced learning curves and accelerated deployment.

• Comprehensive Monitoring and Actionable Metrics: The platform offers advanced observability features, exposing critical metrics that enable data-driven decisions for scaling and optimizing performance.

• Strengthened Operational Reliability: Built-in enterprise support ensures rapid issue resolution, minimizing potential downtime and reinforcing system stability.

Since implementation, the Cashfree team observed significant operational and financial benefits:

• Reduced Overhead: Simplified management and faster configuration reduce engineering effort.
• Faster Troubleshooting: Dedicated support leads to quicker incident resolution.
• Increased Developer Productivity: Integrated features and custom plugins accelerate service development.
• Improved Cost Efficiency: The scalable pricing model aligns with traffic growth, avoiding the disproportionate cost increases seen with the previous gateway.

Together, these improvements have enhanced system performance and developer agility, and delivered substantial cost savings as we continue to scale.

Conclusion

During the testing phase, the API7 team provided dedicated support to Cashfree. The effectiveness of the API7 solution—and the emphasis on building a long-term partnership rather than rushing the process—convinced Cashfree to move forward. The resulting migration was executed smoothly and contributed to notable improvements in developer productivity, operational simplicity, and cost savings at Cashfree.

Over the coming year, the Cashfree team aims to reinforce and broaden its platform layer, with key initiatives focusing on:

• Scaling platform services to support increased traffic and business expansion.
• Enhancing the developer experience through modular, reusable components.
• Strengthening security and compliance features to keep pace with regulatory changes.
• Investing in reliability and observability to maintain consistent performance at scale.
• Exploring advanced API management capabilities to optimize traffic handling and integration processes.

These efforts are geared toward building a more resilient, developer-friendly, and cost-efficient platform, with the ultimate objective of accelerating innovation at Cashfree.