Copy
The week in API strategy, news, articles, and upcoming events.
James Higginbotham, Curator  A hand-curated weekly newsletter for API developers, sponsored by LaunchAny and CaseySoftware

Find this via Twitter? Subscribe now so you don't miss out
 
 

API Developer Weekly

Feb 27, 2020 - Issue #297
This week, we have an article I wrote regarding the design of upsert support in your API (a frequent API design question), a nice video from Erik Wilde regarding an antipattern I've seen with microservices: wrapped databases as a microservice layer (hint: DON'T DO IT). We also have articles on API usability beyond reference documentation,a security advisory for a Wordpress plugin that fails to secure an API endpoint, and gRPC streaming and gRPC security how-tos. Happy reading! -- James
 
Hot Topics
How to add upsert support to your API
An upsert is a common technique that combines the automatic creation of a new record with an update to an existing record if it already exists using a single statement. While not all APIs may need this kind of behavior, some find that it can optimise API interactions for those specific cases when a client needs to check for the existance of a resource before a create or update request. by James Higginbotham [tyk.io]

Are System APIs a Good Idea?
Managing API landscapes is no easy task, and one question that often gets asked is whether "System APIs" are a good idea or not. This question often is about... by Erik Wilde [youtube.com]

Going beyond Usability with Developer Portals
Efficiency, effectiveness and satisfaction define usability. A developer portal with frictionless user journeys and consistent API documentation will attract people who will generate traffic and revenue. However, in order to provide a better user experience you need to go beyond usability. Enhanced engagement can help to: Build out your partner strategy. [pronovix.com]

Zero-Day Vulnerability in ThemeREX Addons Plugin Exploited in the Wild
Description: Remote Code Execution Affected Plugin: ThemeREX Addons Plugin. One of the plugin’s functions registers a WordPress REST-API endpoint. When doing so, it does not verify that a request is coming from an administrative user. [wordfence.com]

How to Build a Streaming API Using gRPC
gRPC is an alternative architectural pattern to REST and GraphQL for providing and consuming APIs. It's becoming a popular way among many companies to create APIs intended to run at web-scale compared to the other architectures that often rely on data formatting standards such as JSON or XML. [programmableweb.com]

Securing gRPC-based Microservices in .NET Core
TL;DR: This tutorial will show you how to integrate authentication and authorization in a .NET Core microservice scenario based on gRPC. You will go through the process of protecting the server endpoints and will learn how to authorize a gRPC client to make requests to it. by View Profile [auth0.com]

Is API management a centralized or decentralized approach?
Modern application development practices mandate a more "decentralized" approach in order to improve productivity and agility, by giving teams more autonomy to self-serve. What does that really mean from an API management perspective. Should the decentralized approach be applied right down at the infrastructure level, increasing the number of gateways and other components such that each team has their own? by kim.clark@uk.ibm.com [developer.ibm.com]

The Business of APIs
The Wait is Over: DevNet Certifications are Here!
We started DevNet six years ago with the ambitious goal of creating a community of developers who could innovate and succeed with the programmable infrastructure that we knew Cisco and the industry would develop in the next 5 years. by Susie Wee [blogs.cisco.com]

5 insights from MuleSoft's CTO for creating a winning data integration strategy
Nearly all (92%) of businesses are currently undertaking digital transformation initiatives or plan to in the next year, but there are many challenges that come with this type of change, including integration. Hear from MuleSoft CTO, Uri Sarid about those challenges and potential solutions. [mulesoft.smh.re]

How APIs Will Democratize Access to Low-Cost Artificial Intelligence and Machine Learning
Even with today's open source technologies for applying artificial intelligence and machine learning, there are still some thorny challenges to getting both right. Especially at a reasonable cost to both the pocketbook and the planet. But API-led approaches might be able to ease the pain. [programmableweb.com]
 
(Un)Related Topics
Talking Is Easy Listening Is Hard
Did you know there is more than one way to listen? For years, I thought there were at most three, Regular Listening, Active Listening, and Selective Hearing (as my mother would say). As I was researching and studying how to be a better active listener, I discovered that there are more than 20 types of listening. by Deena Chadwick [batimes.com]

How to Avoid Cascading Failures in Distributed Systems
Cascading failures are failures that involve some kind of feedback mechanism. In distributed software systems they generally involve a feedback loop where some event causes either a reduction in capacity, an increase in latency, or a spike of errors. Laura Nolan explores them using public accounts of real production incidents. [infoq.com]

Event Sourcing Design with Amazon Web Services
Event sourcing is a software architecture concept based on the idea of saving every state change to your application, giving you the ability to rebuild the application state from scratch using event playback. It's similar to a bank ledger where instead of storing the current value of each account at any given time and updating... by Paul Bourdel, Joseph Cooper, Joseph Christianson [thenewstack.io]

Useful Resources
Upcoming Web API Events
A list of upcoming Web API Events, maintained by Matthew Reinbold

API Security Events
A list of upcoming API security events from apisecurity.io

Tyk Whitepaper: Approaching your API Strategy
As well as writing for the James Higginbotham is an Executive API Consultant with experience in API strategy and software architecture. James guides enterprises through their digital transformation journey to deliver a great customer experience and provides training in API and microservice design. [content.tyk.io]


Book: A Practical Approach to API Design by Casey and Higginbotham
If you read the tech press, everyone knows they need an API but most aren't really sure what it is. They treat it as another checkbox like "Web 2.0" was a few years ago or a mobile app was most recently. In fact, there’s an entire “API-first” movement in development circles that most people don’t understand or even realize why. In this book, we'll start by discussing the what an API is, why you might need one, and follow up with the how to build one. [leanpub.com]

 
Want to share something?
As always, if you want to chat, share a link, or make a suggestion, feel free to drop us a quick note or tagging us on Twitter (@launchany and @caseysoftware) or by emailing us at: james@launchany.com
 
Follow on Twitter    Forward to Friend    Subscribe
Copyright © 2020 LaunchAny, All rights reserved.
unsubscribe from this list