The week in API strategy, news, articles, and upcoming events.
James Higginbotham, Curator  A hand-curated weekly newsletter for API developers, sponsored by LaunchAny and CaseySoftware

Find this via Twitter? Subscribe now so you don't miss out

API Developer Weekly

Oct 8, 2020 - Issue #329
This week's articles include a focus on the API industry, some case studies on the use of API gateways and the BFF pattern, and a deep-dive into Apollo's GraphQL implementation. Also, be sure to check out the article on upgrading to HTTP/3, recent API security breaches, and recent announcements on gRPC and API security tool from Cloudflare. Finally, be sure to learn more about DevNet 2020 and signup for the virtual conference. 

Happy reading! -- James
Hot Topics
3 Experts on How the API Industry Is Changing
With every new year, we see many changes in the API industry. And it's not just how we build APIs - like which architectural styles we use - but what we build and why we build it. This article looks at how the API space is changing across six core focuses: industry trends, regulations and standards, adoption, event-driven APIs, COVID-19, and careers. []

GraphQL Internals: How Does It Work?
If you're just getting started with GraphQL it can be a bit daunting. There are a lot of different vendor frameworks to choose from and a ton of nomenclature. But at its root, it's actually not complex at all. In reality, there's more complexity in vendor implementations than there is in the actual standard. by David Choi []

Talking About the Importance of API Specifications with Marjukka Niinioja (@mniinioja)
One of the regular patrons of my weekly Friday open office hours around API specifications has been with API expert Marjukka Niinioja (@mniinioja), and a couple of weeks back we carved off 30 minutes to discuss the important of OpenAPI, other specifications, and the need for more education and awareness around specifications. by Kin Lane []

Takeaways Using The Backends For Frontends Pattern
Backends For Frontends (BFF) is an architectural software pattern first described by Sam Newman consisting of implementing independent backend servers to be consumed by specific UIs or frontend applications and thus avoid customizing a single backend for multiple interfaces. In this post, I'll be sharing my personal experience using the BFF pattern while working for one of our clients at by Gustavo A. López []

The Roles of Service Mesh and API Gateways in Microservice Architecture
If you're into microservices, then you might've heard about these two terms multiple times. Often people get confused between the two. In this article, I'm going to talk about service meshes and API gateways in detail and discuss when to use what. by Tanmay Deshpande []

Why you should upgrade to HTTP/3
QUIC and HTTP/3 aim to solve the head-of-line-blocking problem and address many other shortcomings associated with previous versions. []

A shameful security flaw could have let anyone access your Grindr account
You would think a dating app that knows your sexuality and HIV status would take thorough precautions to keep that info protected, but Grindr has disappointed the world once again - this time, with a gobsmackingly egregious security vulnerability that could have let literally anyone who could guess your email address into your user account. by Sean Hollister []

With API attacks rising, Cloudflare launches a free API security tool
After attacks against API servers have constantly risen over the past few years, Cloudflare has launched today a new security tool to secure these systems against automated exploitation attempts. Named the Cloudflare API Shield, this new service will be available for free for all Cloudflare account holders, regardless of pricing plan. by Catalin Cimpanu [] 

The Business of APIs
Cisco's focus on developers and software highlights DevNet 2020 agenda
Cisco Systems Inc. is one of those businesses that has successfully ridden the waves. Now in its fourth decade , the networking giant is making a major transformation to software and it is bringing the developer community along with it. Companies that sell software tend to attract interest from developers. []

5 Ways to Generate Direct Revenue With APIs
One of the first questions an API team has to wrestle with is how to self-sustain the service. While there are typically various free options for hobbyists, APIs at scale must sustain themselves and generate a financial return if viewed as products. []

HotelBeds uses API management platform to reduce cost
Bed bank operator HotelBeds is using an open source application programming interface (API) manager to deal with increasing traffic while also reducing costs. As a distributor of accommodation inventories and ancillary travel-related products, HotelBeds works with more than 60,000 travel buyers in 140 markets globally, serving a client base of more than 180,000 hotels. []

2 API and Service Development Strategies for Role Enablement and APIs at Scale
Role enablement is key for a mature API strategy & APIs at scale. Learn how 2 approaches to API & Service development can support this: top-down & bottom-up. []

Cloudflare Launches API Shield to Combat Increased Rate of API Attacks
Cloudflare has announced the release of Cloudflare API Shield. This new product, which is free to all account holders regardless of their pricing plan, is intended to simplify API security via mutual TLS authentication, API schema validation, and a positive security model. []

Cloudflare announces support for gRPC
Today we're excited to announce beta support for proxying gRPC, a next-generation protocol that allows you to build APIs at scale. With gRPC on Cloudflare, you get access to the security, reliability and performance features that you're used to having at your fingertips for traditional APIs. []
(Un)Related Topics
Monolith -> Services: Theory & Practice
How can we get from a monolith to micro-services quickly? Can't answer that question. First, "quickly" is right out the window. You didn't make this mess in a month; you're not going to fix it in a month. Second, you want some benefit you aren't currently getting that you expect from micro-services. by Kent Beck []

Improving Webassembly and Its Tooling -- Q&A with Wasmtime's Nick Fitzgerald
WebAssembly, now a web standard, aims to grow beyond the browser. Wasm runtimes are implementing proposals to achieve this vision. Fitzgerald tells us about his recent work on WebAssembly tooling and his implementation of reference types in the Wasmtime WebAssembly runtime -- a prelude to interface types and easy interoperation between Wasm and a host language. []

Couchbase set to bring app multi-tenancy to its NoSQL document-store database
Interview Document-store NoSQL database biggie Couchbase is promising application multi-tenancy within a single database as part of the next release of its flagship product. Couchbase 7.0, expected in the first half of next year, will hand control to the application developer to specify how they want to lay out their microservice architecture and address a single database instance, said CTO Ravi Mayuram. []

Useful Resources
Upcoming Net API Events
A list of upcoming Net API Events, maintained by Matthew Reinbold

API Security Events
A list of upcoming API security events from

Tyk Whitepaper: Approaching your API Strategy
As well as writing for the James Higginbotham is an Executive API Consultant with experience in API strategy and software architecture. James guides enterprises through their digital transformation journey to deliver a great customer experience and provides training in API and microservice design. []

Book: A Practical Approach to API Design by Casey and Higginbotham
If you read the tech press, everyone knows they need an API but most aren't really sure what it is. They treat it as another checkbox like "Web 2.0" was a few years ago or a mobile app was most recently. In fact, there’s an entire “API-first” movement in development circles that most people don’t understand or even realize why. In this book, we'll start by discussing the what an API is, why you might need one, and follow up with the how to build one. []

Want to share something?
As always, if you want to chat, share a link, or make a suggestion, feel free to drop us a quick note or tagging us on Twitter (@launchany and @caseysoftware) or by emailing us at:
Follow on Twitter    Forward to Friend    Subscribe
Copyright © 2020 LaunchAny, All rights reserved.
unsubscribe from this list