The week in API strategy, news, articles, and upcoming events.
James Higginbotham, Curator  A hand-curated weekly newsletter for API developers, sponsored by LaunchAny and CaseySoftware

API Developer Weekly

May 6, 2021 - Issue #356
This week focuses on API security, and for good reason. It appears that John Deere and an Experian partner both had API-related security vulnerabilities. 

Also, I'm partnering with Vaughn Vernon to offer a public version of my API design workshop "Collaborative Web API Design". This workshop has been offered for the last 8 years as a private course for organizations around the world. Check out the Collaborative Web API Design Workshop page to learn more.

Stoplight has announced support for OpenAPI 3.1 documents. PagerDuty is offering their certification program for FREE during their PagerDuty Summit. Finally, Nordic APIs is offering a list of 11 space APIs "because space is neat".

Happy Reading!
-- James

Hot Topics
Security Practices: The Key to Scaling Your API Strategy
On our latest episode of the API Intersection podcast, we talked in-depth with Isabelle Mauny of 42Crunch. Here are Isabelle's 5 best practices for strengthening API security.

API Security: Put the Sec in DevSecOps - Resurface
According to a Gartner report*, Gartner's survey "API Usage and its Role in Digital Platform Growth" found that API security ranked in the top three challenges to API strategy for 50% of respondents, followed by lack of skills and lack of API standards. So, how do you secure your APIs?

CSRF, CORS, and HTTP Security headers Demystified
With an increasing number of breaches, intrusions, and data thefts, securing a web application is extremely important. On the other hand, programmers often do not have a strong grasp of how attacks work and how to mitigate them. This post attempts to close that gap a little.

Bugs Allowed Hackers to Dox John Deere Tractor Owners
A security researcher found two bugs that allowed him to find customers who had purchased John Deere tractors or equipment.

Experian API Exposed Credit Scores of Most Americans
Big-three consumer credit bureau Experian just fixed a weakness with a partner website that let anyone look up the credit score of tens of millions of Americans just by supplying their name and mailing address, KrebsOnSecurity has learned.

NEW: Collaborative Web API Design Workshop
An API design that looks good to the designer may not be the best design to solve real-world problems. Following an API design process encourages communication within the organization and between the organization and the developers ultimately tasked with integrating the API. This 3-day hands-on workshop presents a design process that is flexible to meet the needs of a single API product or mid-to-large scale enterprise API platform.

Hands-On With Spectral: Using API Linting for Better API Design and API Governance
Spectral is an API linting tool that helps with checking API descriptions (such as OpenAPI or AsyncAPI) to make sure that they follow certain rules. This can...

11 Space APIs, Because Space is Neat
Space travel has become a routine fact of life in the modern age, as strange as that may sound. While many reading this may have grown up when launches were few and far between, 2021 has several major companies funding exploration and development in space and aeronautics.

FREE PagerDuty Certification
PagerDuty University offers training solutions that accelerate your time to value, so you can start to see results right away – not weeks and months from now. The best news? Certifications and workshops are FREE during PagerDuty Summit (so you get $7,500 value at no cost).

Stoplight Now Supports OpenAPI 3.1 Documents
We've enabled all of our Stoplight Platform tools to accept OpenAPI 3.1 documents

The Business of APIs
The API Economy
Application Programming Interfaces (APIs) have been a big part of the application development world for as long as applications have been around, but they've never been quite as valuable (monetarily, anyway) as they are today. by Ilya Nevolin

How and Why APIs Are Becoming the Internet
APIs, short for Application Programming Interfaces, allow one system to talk to another. You may be familiar with the concept of an API if you have ever used a service like Twitter or Facebook. These companies offer software developers access to their services via an API which enables them to build and design new programs that fit in with their company's model. by Kaya Ismail

How APIs can transform global banking
With companies expanding into new regions and doing more trade with the rest of the world than ever before, global transaction banking has become critical to their success. Traditionally, major banks have provided these essential services, covering everything from transfers, payments, and cash and asset management to financing and global trade. by Alex Wright

Useful Resources
A list of upcoming Net API Events, maintained by Matthew Reinbold

API Security Events
A list of upcoming API security events from

Tyk Whitepaper: Approaching your API Strategy
As well as writing for the James Higginbotham is an Executive API Consultant with experience in API strategy and software architecture. James guides enterprises through their digital transformation journey to deliver a great customer experience and provides training in API and microservice design.

Book: A Practical Approach to API Design by Casey and Higginbotham
If you read the tech press, everyone knows they need an API but most aren't really sure what it is. They treat it as another checkbox like "Web 2.0" was a few years ago or a mobile app was most recently. In fact, there’s an entire “API-first” movement in development circles that most people don’t understand or even realize why. In this book, we'll start by discussing the what an API is, why you might need one, and follow up with the how to build one.

Want to share something?
As always, if you want to chat, share a link, or make a suggestion, feel free to drop us a quick note by tagging us on Twitter (@launchany and @caseysoftware) or by emailing us at:
Copyright © 2021 LaunchAny, All rights reserved.