The week in API strategy, news, articles, and upcoming events.
James Higginbotham, Curator  A hand-curated weekly newsletter for API developers, sponsored by LaunchAny and CaseySoftware

Find this via Twitter? Subscribe now so you don't miss out

API Developer Weekly

Jan 7, 2021 - Issue #339
Welcome to the first edition of the newsletter for 2021! This week features articles that dig into the API design impact of Hyrum's Law, a look at RAML, and a look at WebSockets using Ballerina lang. Also, there is a great article on Stripe API's first ten years and the utility API strategy. 

Happy New Year!

-- James

Hot Topics
What Does Hyrum's Law Mean for API Design?
When it comes to software behavior, developers often rely on what they get, and not necessarily what they're promised. The more developers you have, the more likely it is that somebody depends on your API's implicit behavior - an observation known as Hyrum's Law. []

API Design Guidance: Bulk and Batch Import
Some APIs require importing lots of data at once to prevent submitting 100s to 1000s of individual POST operations (a slow and tedious process as a result of a CRUD-based API design). There are two common use cases for bulk/batch processing: importing many resources via a single transaction or performing a background import of a large data set in an efficient manner. by James Higginbotham []

OAS vs. RAML: What's the Difference?
OAS and RAML are two popular API description formats. Although they were designed for slightly different purposes, many API owners only come to use one or the other, begging the question: which of the two should you choose? In this article, we offer a concise comparison of OpenAPI Specification (OAS) and RESTful API Modeling Language (RAML). []

Practical Hypermedia Controls
A lot has been written about REST but less so when it comes to Hypermedia Controls. I haven't seen too many Hypermedia based APIs out in the wild. I theorize that there are two main reasons for this. First, it is something many people haven't been exposed to, and second, it... []

What goes into an award winning developer portal?
Interview with the 3 Jury Members who judged 32 developer portal nominations over 9 award categories for this year's Devportal Awards. The 10th award was awarded to the most popular devportal as determined by community votes. []

How Netflix Scales its API with GraphQL Federation (Part 2)
In our previous post and QConPlus talk, we discussed GraphQL Federation as a solution for distributing our GraphQL schema and implementation. In this post, we shift our attention to what is needed to run a federated GraphQL platform successfully - from our journey implementing it to lessons learned. by Netflix Technology Blog []

An Introduction to WebSockets with Ballerina
WSO2 sponsored this post. WebSocket is a communication protocol used for efficient full-duplex communication between web browsers and servers over TCP. In this article, we will take a look at the history of the technologies used in dynamic websites. Then, we will introduce WebSockets as the modern approach in fulfilling these requirements while fixing the... by Anjana Fernando, Jimmy Song, Nočnica Fee []

GraphQL: One Data Model To Rule Them All? | Nordic APIs |
GraphQL is often praised for its human usability. However, can it rule the entire stack? Here's why Diana Suvorova believes GraphQL could dominate server-server communication as well. []

APIs Unplugged Episode 16 - HOLIDAY SPECIAL Season 1 Recap by MuleSoft
This episode looks back on Season 1 of the APIs Unplugged. Mike and Matt reflect on highlights from each episode, featuring special guests from all over the global API community. by MuleSoft []

A library for Go client applications that need to perform OAuth authorization against a server, typically Traditionally, OAuth for web applications involves redirecting to a URI after the user authorizes an app. While web apps (and some native client apps) can receive a browser redirect, client apps such as CLI applications do not have such an option. by cli []

GitHub Action for APIMATIC Transformer
This Github Action uploads and converts any API Specification into one of the supported formats listed here, The user just need to use the GitHub action in their repository on GitHub and provide the API Specification URL and export format as the arguments to the action. by Mujtaba Mehdi []
The Business of APIs
Stripe's payments APIs: the first ten years
A few years ago, Bloomberg Businessweek published a feature story on Stripe. Four words spanned the center of the cover: "seven lines of code," suggesting that's all it took for a business to power payments on Stripe. The assertion was bold-and became a theme and meme for us. []

Integrating a Utility API Strategy | Nordic APIs |
API usage in the modern enterprise has skyrocketed in recent years, with a number of API providers jumping to cover demand. While previously, providers created language-specific SDKs, this method has become outmoded as it does not allow for scaling. []

With API attacks rising, Cloudflare launches a free API security tool | ZDNet
After attacks against API servers have constantly risen over the past few years, Cloudflare has launched today a new security tool to secure these systems against automated exploitation attempts. Named the Cloudflare API Shield, this new service will be available for free for all Cloudflare account holders, regardless of pricing plan. by Catalin Cimpanu []

Apollo Extends Explorer GraphQL IDE to Development Environments
GraphQL tooling company Apollo introduced a version of Apollo Studio, its cloud-based service for developing and delivering a data graph (and a rebrand of its Graph Manager), that allows developers to build graphs and test queries on a locally running GraphQL server, rather than in production. by Mike Melanson, Kimberley Mok, Joab Jackson []

(Un)Related Topics
The Big Little Guide to Message Queues
Message Queues are now fairly prevalent-there are so many of them showing up so fast you'd think they were rabbits with an unlimited supply of celery, resulting in an kafkaesque situation where making a decision is like trying to catch a stream in your hands. []

SOA vs. EDA: Is Not Life Simply a Series of Events?
When should you use an API? When should you use an event? Most contemporary software architectures are some mix of these two approaches. I will attempt to articulate in layman's terms what an event-driven architecture (EDA) is and contrast it with service-oriented architecture (SOA). []

How we rebuilt the Walmart Autocomplete Backend
Introduction The Legacy The Approach The Solution- Handling multiple data sets- Cache Capacity estimation- Latency to call remote cache The Architecture What Next? Conclusion Autocomplete is the first step into the search world. Instead of typing in the whole words/phrases, the user can start typing the first few characters, and autocomplete would start suggesting relevant matches. by Shouvik Dutta []

How to Avoid Coupling in Microservices Design
Distributed monolith is a somewhat humorous phrase to allude to a not-so-well-designed microservices architecture. By disregarding the best microservices design practices, you have not only failed to overcome the disadvantages of a monolith, but also created new complex problems or intensified the existing ones. by Mariam Rajabi []

Practical Transaction Handling in Microservice Architecture
It's challenging to handle the complexities that come with a distributed system when moving away from a monolith to microservice architecture (MSA). Transaction handling is at the front and center of this issue. A typical database transaction done in a web application using local transactions is now a complicated distributed transaction problem. []

Useful Resources
Upcoming Net API Events
A list of upcoming Net API Events, maintained by Matthew Reinbold

API Security Events
A list of upcoming API security events from

Tyk Whitepaper: Approaching your API Strategy
As well as writing for the James Higginbotham is an Executive API Consultant with experience in API strategy and software architecture. James guides enterprises through their digital transformation journey to deliver a great customer experience and provides training in API and microservice design. []

Book: A Practical Approach to API Design by Casey and Higginbotham
If you read the tech press, everyone knows they need an API but most aren't really sure what it is. They treat it as another checkbox like "Web 2.0" was a few years ago or a mobile app was most recently. In fact, there’s an entire “API-first” movement in development circles that most people don’t understand or even realize why. In this book, we'll start by discussing the what an API is, why you might need one, and follow up with the how to build one. []

Want to share something?
As always, if you want to chat, share a link, or make a suggestion, feel free to drop us a quick note or tagging us on Twitter (@launchany and @caseysoftware) or by emailing us at:
Follow on Twitter    Forward to Friend    Subscribe
Copyright © 2021 LaunchAny, All rights reserved.
unsubscribe from this list