APIs for Building Secure and Reliable Microservices

Dapr provides integrated APIs for communication, state, and workflow. Dapr leverages industry best practices for security, resiliency, and observability, so you can focus on your code.

image card
Derivco

Performing near-real-time personalized recommendations at scale with Dapr.

Tempestive

Tempestive uses Dapr and Kubernetes to track billions of messages on IoT devices while reducing costs.

HDFC Bank

Handling millions of transactions efficiently with Dapr.

DeFacto

How DeFacto migrated to an event-driven architecture with Dapr.

At-Bay

How At-Bay improved operations with Dapr.

Bosch

Bosch’s Residential IoT Services GmbH (RIoT) uses Dapr actors and Java SDK to build a large scale smart home IoT solution.

Build distributed applications faster

Dapr is a set of integrated APIs with built-in best practices and patterns to build distributed applications. Dapr increases your developer productivity by 20-40% with out-of-the-box features such as workflow, pub/sub, state management, secret stores, external configuration, bindings, actors, distributed lock, and cryptography. You benefit from the built-in security, reliability, and observability capabilities, so you don't need to write boilerplate code to achieve production-ready applications.

Automate your business processes

Author workflows in code to automate complex business processes that are stateful, durable, and long-running.

Take advantage of workflow patterns such as task chaining, fan-out/fan-in, monitor, timers, and external system interaction. Combine Dapr workflow with the Dapr APIs to send messages, invoke services, and store key/value data. Workflow state can be stored in any database of your choice.

Best practices to build secure and resilient applications

Dapr includes built-in security features that are "on by default". Developers and ops can set application-centric policies on APIs, services, and components to limit access without getting into low level networking concerns. Communication is automatically encrypted in-transit with mTLS.

Dapr also provides resiliency policies to protect against failures due to any number of issues, including hardware failures, unexpected throughput, or application lifecycle events, such as scaling out and application restarts. Dapr provides specific capabilities that detect failures and enable configurable retries, back-offs, circuit breakers and timeouts.

Integrate with the infrastructure of your choice

Dapr's component model decouples the integrated API with the underlying resources. For instance, when you're using the Dapr publish subscribe API, you can change the message broker by swapping out a yaml component file to switch from RabbitMQ, to Kafka (or any other supported broker), without changing your application code.

Dapr applications run on Kubernetes or run self-hosted on any virtual or physical machine, so you can run Dapr applications on any cloud or edge.

Incrementally adopt

Dapr can be introduced into an existing architecture incrementally. Dapr applications can call non-Dapr endpoints while still having the Dapr benefits of having resiliency policies, observability, security access through scoping and more.

APIs

Service invocation

Service invocation enables applications to communicate with each other through well-known endpoints in the form of http or gRPC messages. Dapr provides an endpoint that acts as a combination of a reverse proxy with built-in service discovery, while leveraging built-in distributed tracing and error handling.

> Read more about Service invocation

Publish subscribe

Pub/Sub is a loosely coupled messaging pattern where senders (or publishers) publish messages to a topic, to which subscribers subscribe. Dapr supports the pub/sub pattern between applications.

> Read more about Publish subscribe

State management

Application state is anything an application wants to preserve beyond a single session. Dapr provides a key/value-based state and query APIs with pluggable state stores for persistence.

> Read more about State management

Actors

An actor is an isolated, independent unit of compute and state with single-threaded execution. Dapr provides an actor implementation based on the virtual actor pattern which provides a single-threaded programming model and where actors are garbage collected when not in use.

> Read more about Actors

Workflow

The Workflow API enables you to define long running, persistent processes or data flows that span multiple microservices using Dapr workflows or workflow components. The Workflow API can be combined with other Dapr API building blocks.

> Read more about Workflow

Secrets

Dapr provides a secrets API and integrates with secret stores such as public cloud stores, local stores and Kubernetes to store the secrets. Services can call the secrets API to retrieve secrets, for example to get a connection string to a database.

> Read more about Secrets

External configuration

The Configuration API enables you to retrieve and subscribe to application configuration items for supported configuration stores. This enables an application to retrieve specific configuration information, for example, at start up or when configuration changes are made in the store.

> Read more about External configuration

Bindings

A binding provides a bi-directional connection to an external cloud/on-premise service or system. Dapr allows you to invoke the external service through the Dapr binding API, and it allows your application to be triggered by events sent by the connected service.

> Read more about Bindings

Distributed lock

The distributed lock API enables you to take a lock on a resource so that multiple instances of an application can access the resource without conflicts and provide consistency guarantees.

> Read more about Distributed lock

Cryptography

With the cryptography API, you can leverage cryptography in a safe and consistent way. Dapr exposes APIs that allow you to perform operations, such as encrypting and decrypting messages, within key vaults or the Dapr sidecar, without exposing cryptographic keys to your application.

> Read more about Cryptography

Cross Cutting Concerns

Security

Dapr provides end-to-end security with the service invocation API, with the ability to authenticate an application with Dapr and set endpoint access policies. For pub/sub components, you can limit which topic types and applications are allowed to publish and subscribe to specific topics.

> Read more about Security

Observability

Dapr can be configured to emit tracing data using the widely adopted protocols of Open Telemetry (OTEL) and Zipkin. This makes it easily integrated with multiple observability tools.

> Read more about Observability

Resiliency

Dapr provides a capability for defining and applying fault tolerance resiliency policies to your application. You can define policies for following resiliency patterns: timeouts, retries/back-offs, circuit breakers. These policies can be applied to any Dapr API calls when calling components with a resiliency spec.

> Read more about Resiliency

Trusted and Adopted by

IBM logo
PWC logo
Intel logo
Microsoft logo
Alibaba logo
Zeiss logo
NASA logo
HDFC Bank logo
Cisco logo
Rakuten logo
Lufthansa logo
Zscaler logo
Bosch logo
Fujitsu logo
Grafana logo
DeFacto logo
At Bay logo
Man group logo
Wortell logo
Composabl logo
Derivco logo
Tempestive logo

Watch a Quick Introduction to Dapr

Watch Dapr - The ultimate developer API for authoring microservices