Copy
The week in API strategy, news, articles, and upcoming events.
James Higginbotham, Curator  A hand-curated weekly newsletter for API developers, sponsored by LaunchAny and CaseySoftware

Find this via Twitter? Subscribe now so you don't miss out
 
 

API Developer Weekly

Nov 24, 2022 - Issue #433
This is a holiday week in the U.S., so I fully expect many of you celebrating will be reading this between naps and pie. This week, we have an analysis that shows how many apps are leaking API keys, a look at how to scale APIs to 10 million requests per minute, a holiday event from the folks at Tyk, and a data breach. That, plus a look at how Apache APISIX, AI, Postman, GitHub, and Spectral tooling can address a variety of your API workflow challenges. Finally, a look at how APIs can do more than just carry data. 

Happy Reading!
-- James
 
Hot Topics
Over 1,500 apps found leaking API keys and potentially exposing user data
Security researchers have uncovered more than 1,500 apps leaking the Algolia application programming interface key and application ID, potentially exposing user data. Discovered by researchers at CloudSEK Information Security Pte. Ltd. and shared with Infosecurity Magazine today, 32 applications were found to have critical administrative secrets hardcoded, with 57 unique admin keys found so far. [siliconangle.com]

Scaling APIs to 10 million rpm with P99 latency of 100ms
The API which is responsible to fetch all the Metadata of any Content has seen a Scale of greater than 10 million RPM, while maintaining P99 latency of less than 100ms. This can be viewed over network tab, Response is like this : Let's discuss how an Ideal designed Architecture by Aayush Gupta [medium.com]

APIM Extravaganza
Roll up, roll up. Get your free tickets to the hottest APIM event of the year... This is not just another online event; it's a fresh, fast-moving format full of quick-fire tips and expert advice on how to succeed in 2023. [tyk.io]

API Vulnerabilities in the News: Optus Data Breach
The following is part of an ongoing series of API vulnerability briefs by Neosec's threat research team to help enterprises learn from recent API attacks that affect organizations globally. What happened? by by Neosec Team on November 15, 2022 [securityboulevard.com]

10 most common use cases of an API Gateway
This post elaborates on the 10 most common usages of an API Gateway such as Apache APISIX in architecting API-Led Connectivity. We understand different solutions where you can make use of the API Gateway capabilities to design reliable, high-performance, and simple APIs for other developers. by Bobur [medium.com]

AI in APIs
When it comes to APIs, AI can greatly improve developers' lives, but AI can also benefit from APIs. Let's explore where we can leverage AI in APIs and how to enable AI to unlock the future and fully autonomous systems. [superface.ai]

OpenAPI Does What Swagger Don't
At this year's API Specifications Conference (ASC), Postman ​​OpenAPI Technical Lead Arnaud Lauret (also known in the community as the API Handyman!) took the stage to share why, if you're still using Swagger 2, it's time to move to OpenAPI 3. by Pascal Heus, Guest Author, Smit Patel [blog.postman.com]

Webhook forwarding in the GitHub CLI (public beta)
Dependabot is a friendly co-developer supporting millions of repositories, but previously wasn't included in mention suggestions. Starting today, you can more easily mention Dependabot, thanks to autocomplete. [github.blog]

Avoid API Versioning Pitfalls with Spectral
This is one of our Public Style Guides, a part of our Style Guides rulebook series. If you want to subscribe to be notified of new guidelines, put your email in below. Most APIs use some sort of API versioning unless you're one of the bold few using API evolution. by Phil Sturgeon [blog.stoplight.io]

WebSocket, Shrek, and AsyncAPI - An Opinionated Intro
This is a pretty subjective post. I'm sharing my perspective, taking into account years of experience building backend and frontend with user experience in mind. If you do not want to read this article, then watch the recording of the live stream about the same: Everything we hear is an opinion, not a fact. [asyncapi.com]
 
Business of APIs
OpenAI, Google, and How Access Concerns Changes With Scale
An API's access scheme can tell a lot about the API designer's maturity, intended audience, and long-term ambition. The conceptual part of various approaches, fascinates me more than the mechanical instrumentation. In this edition of Net API Notes, let's unpack API access, from most straightforward implementation to Google scale, and note the lessons along the way. by Matthew Reinbold [netapinotes.substack.com]

APIs: They Can Do More Than Just Carry Data
The application programming interface (API) that allows two software programs (or data centers) to communicate with each other, can be critically important when accessing data or requesting a specific routine or report to be run. APIs perform multiple tasks as they create a pipeline between inhouse servers and data stored in the cloud. [informationweek.com]


(Un)Related
What happens when you type a URL into your browser?
There are no prerequisites to reading this article. I assume that you have used a web browser to navigate across the internet. by system-design [medium.com]

The Distributed Computing Manifesto
Today, I am publishing the Distributed Computing Manifesto, a canonical document from the early days of Amazon that transformed the architecture of Amazon's ecommerce platform. It highlights the challenges we were facing at the end of the 20th century, and hints at where we were headed. by Dr Werner Vogels - https://www.allthingsdistributed.com/ [allthingsdistributed.com]

Harden Your API by Adding Chaos Engineering to Your Tests
Software development has changed in the last few years. While we used to develop our software as a monolith running on our own hardware, we deploy software today as a distributed system that leverages several connected services, which may even run on different cloud platforms. From the outside perspective of an API, the change is barely visible. by Guest Author [blog.postman.com]
 
Want to share something?
As always, if you want to chat, share a link, or make a suggestion, feel free to drop us a quick note or tagging us on Twitter (@launchany and @caseysoftware) or by emailing us at: james@launchany.com
 
UPCOMING EVENTS
Follow on Twitter    Forward to Friend    Subscribe
Copyright © 2022 LaunchAny, All rights reserved.
unsubscribe from this list